[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] An analysis of Microsoft Windows Vista’s ASLR

To: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] An analysis of Microsoft Windows Vista’s ASLR
From: Renaud Lifchitz <r.lifchitz@xxxxxxxxxxxx>
Date: Thu, 28 Sep 2006 17:20:01 +0200

Windows Vista includes a new memory protection system called ASLR. Its
goal is to escape buffer overflow attacks in vulnerable programs. One of
our consultant, Ali Rahbar, has made a complete study of this security
mechanism, and found a new implementation flaw that allows to bypass
this protection :

http://www.sysdream.com/articles/Analysis-of-Microsoft-Windows-Vista's-ASLR.pdf


Regards,

Renaud Lifchitz
Information Security Consultant
SYSDREAM: http://www.sysdream.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [ GLSA 200609-18 ] Opera: RSA signature forgery
Next by Date: [Full-disclosure] [USN-353-1] openssl vulnerabilities
Previous by thread: [Full-disclosure] [ GLSA 200609-18 ] Opera: RSA signature forgery
Next by thread: [Full-disclosure] [USN-353-1] openssl vulnerabilities
Index(es):
- Date
- Thread