PointGuard™: Protecting pointers from buffer overflow vulnerabilities

Proceedings of the 12th USENIX Security Symposium

Volumn , Issue , 2003, Pages 91-104

  Cowan, Crispin ^a   Beattie, Steve ^a   Johansen, John ^a   Wagle, Perry ^a  

^a Immunix

Author keywords

[No Author keywords available]

Indexed keywords

BUFFER STORAGE;

BUFFER OVERFLOWS; COMPILER TECHNIQUES; HEAP OVERFLOW; OPEN SSL; PARTIAL COVERAGE; SECURITY TECHNOLOGY; SENSITIVE APPLICATION; SOFTWARE SECURITY;

SECURITY OF DATA;

EID: 85009448253     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (31)

1. Anonymous. Once upon a free()⋯ Phrack, 11(57), August 2001.
2. Arash Baratloo, Navjot Singh, and Timothy Tsai. Transparent Run-Time Defense Against Stack Smashing Attacks. In 2000 USENIX Annual Technical Conference, San Diego, CA, June 18-23 2000.
3. Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar. Address Obfuscation: An Approach to Combat Buffer Overflows, Format-String Attacks, and More. In 12th USENIX Security Symposium, Washington, DC, August 2003.
4. "Bulba" and "Kil3r". Bypassing stackguard and stackshield. Phrack, 10(56), May 2000.
5. Matt Conover. w00w00 on Heap Overflows. http://www.w00w00.org/files/articles/heap-tut.txt, 1999.
6. Crispin Cowan, Matt Barringer, Steve Beattie, Greg Kroah-Hartman, Mike Frantzen, and Jamie Lokier. FormatGuard: Automatic Protection From printf Format String Vulnerabilities. In US-ENIX Security Symposium, Washington, DC, August 2001.
7. Crispin Cowan, Steve Beattie, RyanFinnin Day, Calton Pu, Perry Wagle, and Erik Walthinsen. Protecting Systems from Stack Smashing Attacks with StackGuard. In Linux Expo, Raleigh, NC, May 1999.
8. Crispin Cowan, Tim Chen, Calton Pu, and Perry Wagle. StackGuard 1.1: Stack Smashing Protection for Shared Libraries. In IEEE Symposium on Security and Privacy, Oakland, CA, May 1998. Brief presentation and poster session.
9. Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In 7th USENIX Security Conference, pages 63-77, San Antonio, TX, January 1998.
10. Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole. Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade. In DARPA Information Survivability Conference and Expo (DISCEX), January 2000. Also presented as an invited talk at SANS 2000, March 23-26, 2000, Orlando, FL, http://schafercorp-ballston.com/discex}.
11. Mark J. Cox, Ralf S. Engelschall, Stephen Henson, and Ben Laurie. openSSL. http://www.openssl.org/, March 2001.
12. "Solar Designer". Non-Executable User Stack. http://www.openwall.com/linux/.
13. "Solar Designer". JPEG COM Marker Processing Vulnerability in Netscape Browsers. http://online.securityfocus.com/archive/1/71598, July 25 2000. Bugtraq.
14. Casper Dik. Non-Executable Stack for Solaris. Posting to comp.security.unix, http://x10.dejanews.com/get-doc.xp?AN=207344316&CON-TEXT=890082637.156735%9211&hitnum=69&AH=1}, January 2 1997.
15. Igor Dobrovitski. Exploit for CVS double free() for Linux pserver. http://online.securityfo-cus.com/archive/1/309913, February 2 2003. Bugtraq.
16. Mike Frantzen and Mike Shuey. StackGhost: Hardware Facilitated Stack Protection. In US-ENIX Security Symposium, Washington, DC, August 2001.
17. Intel. IA-32 Intel Architecture Software Developer's Manual. Intel Corporation, 2002.
18. Trevor Jim, Greg Morrisett, Dan Grossman, Michael Hicks, James Cheney, and Yanling Wang. Cyclone: A Safe Dialect of C. In Proceedings of USENIX Annual Technical Conference, Monteray, CA, June 2002.
19. Richard Jones and Paul Kelly. Bounds Checking for C. http://www-ala.doc.ic.ac.uk/phjk/BoundsChecking.html, July 1995.
20. Michel Kaempf. [synnergy] - Sudo Vudo. http://online.securityfocus.com/archive/1/189037, June 6 2001. Bugtraq.
21. Brian W. Kernighan and Dennis M. Ritchie. The C Programming Language. Prentice Hall, Englewood Cliffs, NJ, second edition, 1988.
22. Greg McGary. Bounds Checking in C & C++ Using Bounded Pointers. http://gcc.gnu.org/projects/bp/main.html, 2000.
23. Motorola, Inc. MC68020 32-bit Microprocessor User's Manual, second edition, 1984.
24. George C. Necula, Scott McPeak, and Westley Weimer. CCured: Type-Safe Retrofitting of Legacy Code. In Proceedings of the 29th ACM Symposium on Principles of Programming Languages (POPL02), London, England, January 2002. Also available at http://raw.cs.berkeley.edu/Papers/ccured-popl02.pdf.
25. "Aleph One". Smashing The Stack For Fun And Profit. Phrack, 7(49), November 1996.
26. "Zen Parse". ADV/EXP: netkit less than 0.17 in.telnetd remote buffer overflow. http://online.securityfocus.com/archive/1/203000, August 10 2001. Bugtraq.
27. "Zen Parse". Re: exploiting wu-ftpd. http://online.securityfocus.com/archive/82/244938, December 12 2001. Bugtraq.
28. David A. Patterson and John L. Hennessy. Computer Architecture: A Quantitative Approach. Morgan Kaufmann, San Mateo, CA, first edition, 1990.
29. Roldan Pozo and Bruce Miller. SciMark 2.0. http://math.nist.gov/scimark, June 20 2000.
30. Alexander Snarskii. FreeBSD Stack Integrity Patch. ftp://ftp.lucky.net/pub/unix/local/libc-letter, 1997.
31. Herman ten Brugge. Bounds Checking C Compiler. http://web.inter.NL.net/hcc/Haj.Ten.Brugge/, 1998.