Example Sin

The following entry in Common Vulnerabilities and Exposures (CVE) at http://cve.mitre.org is an example of this sin.

CAN-2004-0077 Linux Kernel do_mremap

This is probably the most famous "forgot to check the return value" bug in recent history because many Internet-connected Linux machines were compromised through this bug. There's a great write-up by the finders, and sample exploit code, at http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt.

Note 

There was a cluster of Linux Kernel memory manager security bugs in late 2003 and early 2004, including two bugs in this area, so do not confuse this bug with the other remap bug: CAN-2003-0985.
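The following user-space model is an added illustration of the bug class, a remap routine that ignores a failing unmap step; it is not kernel code and does not come from the book or the advisory. The region table, `toy_unmap`, `toy_remap`, `overlapping_pairs`, and the three-slot cap are hypothetical names and values chosen for the example.

```c
#include <errno.h>
#include <stdio.h>
#define MAX_REGIONS 3                      /* constructed cap on live mappings */
struct region { unsigned long start, end; int used; };   /* covers [start, end) */
struct space  { struct region r[MAX_REGIONS]; };
/* Constructed sample: every slot is in use, so no split can succeed. */
#define SAMPLE {{ {0x1000, 0x2000, 1}, {0x10000, 0x20000, 1}, {0x30000, 0x31000, 1} }}

/* Remove [a, b). Splitting a region needs a free slot, so this can fail. */
int toy_unmap(struct space *s, unsigned long a, unsigned long b) {
    for (int i = 0; i < MAX_REGIONS; i++) {
        struct region *r = &s->r[i];
        if (!r->used || b <= r->start || r->end <= a) continue;  /* no overlap */
        if (a <= r->start && r->end <= b) { r->used = 0; continue; } /* covered */
        if (a <= r->start) { r->start = b; continue; }           /* trim head */
        if (r->end <= b)   { r->end = a;   continue; }           /* trim tail */
        int j = 0; while (j < MAX_REGIONS && s->r[j].used) j++;  /* free slot? */
        if (j == MAX_REGIONS) return -ENOMEM;                    /* table full */
        s->r[j] = (struct region){ b, r->end, 1 };               /* upper half */
        r->end = a;                                              /* lower half */
    }
    return 0;
}

/* Move region idx to dst; check == 0 drops the unmap result (the sin). */
int toy_remap(struct space *s, int idx, unsigned long dst, int check) {
    unsigned long len = s->r[idx].end - s->r[idx].start;
    int err = toy_unmap(s, dst, dst + len);
    if (check && err) return err;          /* the fix: propagate the failure */
    s->r[idx].start = dst; s->r[idx].end = dst + len;
    return 0;
}

/* Invariant: no two live regions may cover the same address. */
int overlapping_pairs(const struct space *s) {
    int n = 0;
    for (int i = 0; i < MAX_REGIONS; i++)
        for (int j = i + 1; j < MAX_REGIONS; j++)
            n += s->r[i].used && s->r[j].used &&
                 s->r[i].start < s->r[j].end && s->r[j].start < s->r[i].end;
    return n;
}

int main(void) {
    struct space a = SAMPLE, b = SAMPLE;
    int ra = toy_remap(&a, 0, 0x14000, 0), rb = toy_remap(&b, 0, 0x14000, 1);
    printf("unchecked: ret=%d overlaps=%d\n", ra, overlapping_pairs(&a));
    printf("checked:   ret=%d overlaps=%d\n", rb, overlapping_pairs(&b));
    return 0;
}
```

With the result ignored, the caller reports success while the table holds two regions covering the same addresses; with the check, the error surfaces and the table is unchanged.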



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them