All of this brings up a couple of questions for me: 1. As I understand it, all this can be avoided by applying the simple, longtime standard maxim of "trust no input," correct? (If correct, this leads me to murmur rhetorically "Have today's developers no discipline?")
2. If the above is incorrect, and system messages such as event notifications (onClick, etc.) can be compromised, then developers using tools such as Visual Basic are essentially helpless to harden their applications. Other than going back to writing in assembly, what is the modern developer to do? We have here an exclusive or: Which is it - 1 or 2 or neither? Thanks, -Greg =============== Ford CIRT [EMAIL PROTECTED] =============== -----Original Message----- From: Paul Starzetz [mailto:[EMAIL PROTECTED]] Sent: Monday, August 26, 2002 10:47 AM To: Andrey Kolishak; [EMAIL PROTECTED] Subject: Re: White paper: Exploiting the Win32 API. Andrey Kolishak wrote: > >There is also article of Symeon Xenitellis "A New Avenue of Attack: >Event-driven system vulnerabilities" >http://www.isg.rhul.ac.uk/~simos/event_demo/ > > > In fact, the problem is similar to U*ix signals, except that there is no jump-to-address argument for usual. Remember that old ping bug which allowed users to flood the network by sending SIGALRM in some old ping implementations. Maybe reading some manuals about safe signal handling would be a good lecture for Windows developers too: http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/ Section 3.3 especially regards /ih
