buffer overflow
Cliff Wells
LogiplexSoftware at earthlink.net
Fri Jan 17 13:08:11 EST 2003
On Thu, 2003-01-16 at 17:19, donoli wrote:
> On Thu, 16 Jan 2003 15:56:39 GMT, "Steve Holden"
> <sholden at holdenweb.com> wrote:
>
> >"donoli" <eat at joes.com> wrote in message
> >news:splb2vkt2lqspqjea5566dldil2t5s3v7m at 4ax.com...
> >> I have two machines, FreeBSD 4,2 and W2K pro. I'd like to test the
> >> security on both of them against a buffer overflow. If someone has
> >> the code in python for a buffer overflow, please post it.
> >> donoli.
> >
> >I've seen better social engineering in kindergarten classrooms.
> >
> >regards
> ########################
> If you don't want to answer the question, it's ok but don't tell me
> what you see in your crystal ball that you bought on ebay.
> donoli.
> ########################
There is no way to test an entire OS for buffer overflow issues [other
than perhaps in the libraries or system calls - but you still have to
test each individual routine]. If there were, buffer overflows would
have disappeared long ago. So the conclusion that must be drawn is
either a) you are trying to get someone to reveal *known* exploits
[hence the "social engineering" comment] or b) you don't really know
what it means [the "too much credit" comment].
If you want to know about known buffer overflow exploits in various
applications and OS's, search Google and read some of the voluminous
documentation you will find there.
BTW, Steve didn't buy that crystal ball on ebay, those ones are fake.
--
Cliff Wells, Software Engineer
Logiplex Corporation (www.logiplex.net)
(503) 978-6726 x308 (800) 735-0555 x308
More information about the Python-list
mailing list