Reference from ESORICS proceedings

5th European Symposium on Research in Computer Security (ESORICS 98)

A Tool for Pro-active Defense Against the Buffer Overrun Attack

D. Bruschi, E. Rosti, R. Banfi

Keywords :

Abstract : The problem of buffer overruns, i.e., writing past the end of an array, in C programs has been known since the early seventies as one of the possible consequences of the C language data integrity philosophy. Since the late eighties, when computer security incidents started affecting the Internet, it has been clear that buffer overruns are a powerful threat to system security as they allow ordinary users to gain superuser privileges on Unix systems. Nowadays, buffer overruns are one of the most popular exploits in the hacker scene. In this paper we present a tool for the automatic detection of buffer overrun vulnerabilities in object code. It can be applied to operating system components as well as ordinary programs. The tool is aimed at helping system administrators eliminate vulnerable programs before they are exploited. A fully working prototype for HP-UX and Linux systems is currently available. Extensions are planned for other Unix versions.

(Pages 17-31)

Proceedings table of contents