All of this brings up a couple of questions for me:

1.
As I understand it, all this can be avoided by applying the simple, longtime standard maxim of "trust no input," correct? (If correct, this leads me to murmur rhetorically "Have today's developers no discipline?")

2.
If the above is incorrect, and system messages such as event notifications (onClick, etc.) can be compromised, then developers using tools such as Visual Basic are essentially helpless to harden their applications. Other than going back to writing in assembly, what is the modern developer to do?

We have here an exclusive or: Which is it - 1 or 2 or neither?

Thanks,

-Greg
 
===============
Ford CIRT
grotheford.com
===============

-----Original Message-----
From: Paul Starzetz [mailto:paulstarzetz.de]
Sent: Monday, August 26, 2002 10:47 AM
To: Andrey Kolishak; bugtraqsecurityfocus.com
Subject: Re: White paper: Exploiting the Win32 API.

Andrey Kolishak wrote:

>
>There is also article of Symeon Xenitellis "A New Avenue of Attack:
>Event-driven system vulnerabilities"
>http://www.isg.rhul.ac.uk/~simos/event_demo/
>
>
>
In fact, the problem is similar to U*ix signals, except that there is no
jump-to-address argument for usual. Remember that old ping bug which
allowed users to flood the network by sending SIGALRM in some old ping
implementations. Maybe reading some manuals about safe signal handling
would be a good lecture for Windows developers too:

http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/
Section 3.3 especially

regards

/ih

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]