On 8/3/05, Saku Ytti <[EMAIL PROTECTED]> wrote: > You might want to read lynn-cisco.pdf. This means that today to > exploit heap overflows you need to know the offsets per release, supposedly > tomorrow the offsets will be static per releasese in new (in some terms > better) > architecture, which will make exploiting heap overflows much more feasible.
without getting *too* off topic... ...here's what the junior kernel hacker in me doesn't quite understand - doesn't software like ProPolice and it's brethren mitigate this type of vulnerability specifically? What, precisely, prevents Cisco from implementing such code in with their architecture? aaron.glenn
