Free Buffer Overflow Protection Software for Windows 2000/XP/2003 Systems

From: Rene R?hle (info_at_sys-manage.net)
Date: 12/21/03

• Next message: Rowdy Yates: "Re: Using PGP 8.0.3 with Outlook 2002???"
• Previous message: Rene R?hle: "Free Buffer Overflow Protection Software for Windows 2000/XP/2003 Systems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 21 Dec 2003 09:00:24 -0800

BufferShield is security software, capable of detecting and preventing
attempts to execute code on the stack and the heap memory area, in
order to stop the exploitation of buffer overflows. It is a very
useful addition to Windows Update, minimizing the risk of unresolved
security exploits, caused by buffer overflows.

Upon detection of a buffer overflow it creates an entry within the
event log and optionally terminates the application in question,
preventing the execution of potentially malicious code.

Buffer overflows are commonly exploited by hackers or viruses with the
aim of introducing malicious code into attacked computer systems. For
example, the LovSan / MSBlaster virus used such a buffer overflow in
order to spread itself.

Opposed to the commercial version of BufferShield, protecting all
running applications and services, the freely available version is
limited to protect only the following list of applications:
-MS Internet Explorer
-Opera
-MS Outlook Express
-MS Outlook

A single computer license of the commercial BufferShield version costs
$29.00 and can be ordered on-line from our company's secure website.
Multiple computer and enterprise licenses are also available.

You can download the free version and a 30-day trial of the commercial
version at: http://www.sys-manage.com/index10.htm

Kind regards,
Rene Ruehle
###########################
Sys-Manage e.K.
Zehnmorgenstr. 48-50
60433 Frankfurt * Germany *
TEL +49-69-979810-82
FAX +49-69-979810-83
WEB http://www.sys-manage.com
mailto:Info@Sys-Manage.Net

---

• Next message: Rowdy Yates: "Re: Using PGP 8.0.3 with Outlook 2002???"
• Previous message: Rene R?hle: "Free Buffer Overflow Protection Software for Windows 2000/XP/2003 Systems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages [VulnWatch] CORE-20021005: Vulnerability Report For Linksys Devices ... Linksys fix provided in response to another ... buffer overflows leading to code execution, ... partially fixed on firmware version 1.43.3, ... (VulnWatch) [Full-Disclosure] CORE-20021005: Vulnerability Report For Linksys Devices ... Linksys fix provided in response to another ... buffer overflows leading to code execution, ... partially fixed on firmware version 1.43.3, ... (Full-Disclosure) [NEWS] Libxml2 Remote Buffer Overflows ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Several buffer overflows were found in various code portions in libxml2. ... * A buffer overflow exists when parsing a proxy URL with FTP information ... (Securiteam) Buffer overflows and asctime() ... A buffer overflow in the C standard document ... When you write %.3d it means that at least 3 characters will be output, but it could be much more if, for instance, the input is bigger than 999. ... In that case, the buffer allocated for asctime is too small to contain the printf result, and a buffer overflow will happen. ... How much buffer space we would need to protect asctime from buffer overflows in the worst case? ... (comp.std.c) Re: Stack growth direction to thwart buffer overflow attacks ... |>> via SIGABRT or whatever when the buffer is exceeded, ... an inherent problem in languages like C and C++. ... to reduce buffer overflows, but they are not a solution. ... The ONLY cure is an architected language where either the compiler ... (comp.security.unix)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)