latest news
blog posts
latest advisories
featured links

Update on canary randomisation for hardened Linux applications

[ posted by dimitris on 03.04.2010 ]

This article is a followup to our last year’s advisory on canary randomisation for applications of the Debian distribution.

I was recently asked what the currently employed method is for canary randomisation in SSP-armoured Linux applications. I’ve been meaning to write an article on this for some time now, but didn’t have the necessary time. So here it is (albeit a little late).

 read more...

Linux kernel SUNRPC off-by-two buffer overflow

[ posted by argp on 01.12.2009 ]
census ID:census-2009-0005
Affected Products:Linux kernel versions from 2.6.32 to 2.6.32-rc7.
Class:Off-by-two stack buffer overflow.
Discovered by:Patroklos Argyroudis

We have found an off-by-two stack buffer overflow in the Linux kernel SUNRPC implementation. Linux kernel versions from 2.6.32 to 2.6.32-rc7 are affected.

 read more...

ld-linuxv.so.1 rootkit

[ posted by argp on 21.08.2009 ]
Yesterday I helped my friend kargig to analyse a rootkit he has recovered from a compromised Linux system. You can find the complete write-up at his blog.