Re: Debian Stable server hacked
On Wed, Aug 13, 2003 at 09:00:51PM -0400, valerian wrote:
> It actually does a very good job of stopping any kind of "stack-smashing"
> attack dead in its tracks (both the stack and heap are marked as
> non-executable). That takes care of most vulnerabilities, both known and
No, it really doesn't. It might stop some common implementations of
exploits, but that's about it. There are many papers available which
describe the shortcomings of this kind of prevention.
You don't need an executable stack to get control of execution, you only
need to be able to change the instruction pointer, which is stored on the
stack (as data).