From owner-freebsd-security Sat Jun 20 10:02:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA10374 for freebsd-security-outgoing; Sat, 20 Jun 1998 10:02:55 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from pubnix.org (www.pubnix.org [155.229.39.88]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA10361 for ; Sat, 20 Jun 1998 10:02:51 -0700 (PDT) (envelope-from jtb@pubnix.org) Received: from localhost (jtb@localhost) by pubnix.org (8.8.8/NooWop) with SMTP id NAA27138; Sat, 20 Jun 1998 13:01:56 -0400 (EDT) Date: Sat, 20 Jun 1998 13:01:55 -0400 (EDT) From: jtb To: Nicholas Charles Brawn cc: security@FreeBSD.ORG Subject: Re: non-executable stack? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org BTW, If the solaris kernel works the same as teh linux kernel(most likely because they're both SysV to an extent) return into libc attacks should work, although I would have to talk to solar designer about it, as I've never worked with the Solaris stack. Check http://www.false.com/~solar/ I think he has his non-standard buffer overflow paper there, if not check bugtraq archives. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Jonathan T. Bowie ADM w00w00 WSD jobe@sekurity.org jtb@pubnix.org jobe@dataforce.net Independant Security Developer Home: (603)436-5698 "I'd hate to advocate drugs, sex, alcohol, or Cell: (603)553-6697 violence... to any one, but they've worked for me." -- Hunter S. Thompson =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message