Vuln Researchers Aiming In A Different Direction

Discussion in 'Technology News' started by Aelphaeis_Mangarae, Aug 6, 2006.

Thread Status:
Not open for further replies.
  1. Aelphaeis_Mangarae

    Aelphaeis_Mangarae New Member

    Joined:
    Aug 5, 2006
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Vuln Researchers Aiming In A Different Direction

    By Aelphaeis Mangarae [irc.efnet.org #d-u] [adm1n1strat10n AT hotmail DOT com]
    SecurZone [http://SecurZone.org] IT Sec Articles
    6th of August 2006

    Easy to find flaws in operating systems are disappearing. Vulnerability researchers have started to focus on finding flaws in Drivers and other applications.

    During a presentation, two researchers from the security firm Matasano presented the results of their research on common software agents included on many enterprise computer systems.

    The two researchers, David Goldsmith and Thomas Ptacek, found numerous vulnerabilities in the agents designed to handle automatic updating, schedule backup tasks and handle support requests, the researchers said.

    In another presentation, two other researchers - SecureWorks flaw finder David Maynor and "johnny cache" - showed off a method of compromising laptop computers through flaws in the wireless drivers installed on the machine.

    "Now that the OS layer is harder to crack, you are seeing a lot more people going higher up the stack, to applications, or lower, to device drivers," Maynor said.

    "The amazing thing is that the vulnerabilities we found were simple, they were 1993 vulnerabilities," he said. "These have clearly not been looked at before. We are talking straight-up stack overflows-the first thing that someone would test for if they were doing an audit."

    I would say it is likely the main reason vulnerabilities such as stack overflows are harder to find in operating system components is because of stack and heap overflow protections implemented in some operating systems. Such as Microsoft Windows XP Service Pack 2.

    Since researchers are now shifting more of their effort into discovering vulnerabilities into find vulnerabilities in drivers and applications will we will stack and heap overflow protections implemented into device drivers and applications?

    http://www.securzone.org/community/index.php?showtopic=662
     
  2. Venom

    Venom New Member

    Joined:
    Jun 13, 2006
    Messages:
    240
    Likes Received:
    2
    Trophy Points:
    0
    Yeah this was revealed in that BH conf, good to see :]
     
Thread Status:
Not open for further replies.

Share This Page