Vuln Researchers Aiming In A Different Direction

Aelphaeis_Mangarae · 06-08-2006, 06:34 AM

Vuln Researchers Aiming In A Different Direction

By Aelphaeis Mangarae [irc.efnet.org #d-u] [adm1n1strat10n AT hotmail DOT com]
SecurZone [http://SecurZone.org] IT Sec Articles
6th of August 2006

Easy to find flaws in operating systems are disappearing. Vulnerability researchers have started to focus on finding flaws in Drivers and other applications.

During a presentation, two researchers from the security firm Matasano presented the results of their research on common software agents included on many enterprise computer systems.

The two researchers, David Goldsmith and Thomas Ptacek, found numerous vulnerabilities in the agents designed to handle automatic updating, schedule backup tasks and handle support requests, the researchers said.

In another presentation, two other researchers - SecureWorks flaw finder David Maynor and "johnny cache" - showed off a method of compromising laptop computers through flaws in the wireless drivers installed on the machine.

"Now that the OS layer is harder to crack, you are seeing a lot more people going higher up the stack, to applications, or lower, to device drivers," Maynor said.

"The amazing thing is that the vulnerabilities we found were simple, they were 1993 vulnerabilities," he said. "These have clearly not been looked at before. We are talking straight-up stack overflows-the first thing that someone would test for if they were doing an audit."

I would say it is likely the main reason vulnerabilities such as stack overflows are harder to find in operating system components is because of stack and heap overflow protections implemented in some operating systems. Such as Microsoft Windows XP Service Pack 2.

Since researchers are now shifting more of their effort into discovering vulnerabilities into find vulnerabilities in drivers and applications will we will stack and heap overflow protections implemented into device drivers and applications?

http://www.securzone.org/community/i...?showtopic=662

Venom · 06-08-2006, 07:16 AM

Yeah this was revealed in that BH conf, good to see :]

06-08-2006, 06:34 AM	#1 (permalink)
Aelphaeis_Mangarae Right Off the Assembly Line Join Date: Aug 2006 Posts: 1	Vuln Researchers Aiming In A Different Direction Vuln Researchers Aiming In A Different Direction By Aelphaeis Mangarae [irc.efnet.org #d-u] [adm1n1strat10n AT hotmail DOT com] SecurZone [http://SecurZone.org] IT Sec Articles 6th of August 2006 Easy to find flaws in operating systems are disappearing. Vulnerability researchers have started to focus on finding flaws in Drivers and other applications. During a presentation, two researchers from the security firm Matasano presented the results of their research on common software agents included on many enterprise computer systems. The two researchers, David Goldsmith and Thomas Ptacek, found numerous vulnerabilities in the agents designed to handle automatic updating, schedule backup tasks and handle support requests, the researchers said. In another presentation, two other researchers - SecureWorks flaw finder David Maynor and "johnny cache" - showed off a method of compromising laptop computers through flaws in the wireless drivers installed on the machine. "Now that the OS layer is harder to crack, you are seeing a lot more people going higher up the stack, to applications, or lower, to device drivers," Maynor said. "The amazing thing is that the vulnerabilities we found were simple, they were 1993 vulnerabilities," he said. "These have clearly not been looked at before. We are talking straight-up stack overflows-the first thing that someone would test for if they were doing an audit." I would say it is likely the main reason vulnerabilities such as stack overflows are harder to find in operating system components is because of stack and heap overflow protections implemented in some operating systems. Such as Microsoft Windows XP Service Pack 2. Since researchers are now shifting more of their effort into discovering vulnerabilities into find vulnerabilities in drivers and applications will we will stack and heap overflow protections implemented into device drivers and applications? http://www.securzone.org/community/i...?showtopic=662

06-08-2006, 07:16 AM	#2 (permalink)
Venom In The Zone Join Date: Jun 2006 Posts: 240	Re: Vuln Researchers Aiming In A Different Direction Yeah this was revealed in that BH conf, good to see :] __________________ From now on we are poison to you, that's why we call ourselves, the Venom!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Popular Categories

Popular Articles

Content Categories

Sister Sites

Follow Us

Facebook Channels

Digit Magazine

	Advertisements. Register and be a member of the community to get rid of them.
Advertisement