OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 1st quarter (Jan-Mar) 1999: Buffer overflow and OS/390

Buffer overflow and OS/390

Do-Geun Jo (do.geun.joKR.ARTHURANDERSEN.COM)
Thu, 4 Feb 1999 18:53:20 +0900 

Hello. everyone.

I wonder if this letter is not appropriate for the list, but I am sure that
aleph1 will filter out if it is.

When I was thinking about the OS/390 and its open TCP/IP services, this
came to my mind that the conceptual resemblance between MVS and UNIX may
lead to some successful buffer overflow attack in OS/390.

Now open MVS comes with TCP/IP services that are running as Started Tasks
which seem to be just like suid demons.  TSO session creates its own
address space which seems like a memory space for UNIX shell environment.
If a normal user can create a shell code for the jump to the TSO command
line of a SPECIAL user, I think that buffer overflow may not be impossible.

Even C compiler is available for the ESA.  Well, if someone finds
vulnerable programs, this may lead to successful attack on the environment.

End.


*******************Internet Email Confidentiality Footer*******************
Privileged/Confidential Information may be contained in this message. If
you are not the addressee indicated in this message (or responsible for
delivery of the message to such person), you may not copy or deliver this
message to anyone. In such case, you should destroy this message, and
please notify us immediately. Please advise immediately if you or your
employer does not consent to Internet email for messages of this kind.
Opinions, conclusions and other information expressed in this message are
not given or endorsed by my firm or employer unless otherwise indicated by
an authorized representative independent of this message.