|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] Dangling pointers exploitation
From: jf (jf
danglingpointers.net)
Date: Wed Jul 25 2007 - 19:06:27 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Let me just qualify that I was talking about the whole class of
> wild-pointer bugs.
how would it be any different than
ptr+overflowed_offset/array[negative_index]/et cetera bugs?
perhaps the guys found a new way of reliably exploiting a very specific
form of dangling pointer bugs, but i dont see how it could possibly
qualify as being a new class of vulns, nor can i think of anyone who has
ever said a dangling pointer was a QA issue and not a security issue
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]