Check out the new USENIX Web site. next up previous
Next: Other code pointers Up: Exploitation techniques Previous: Exploitation techniques

Return-into-libc

The return-into-libc exploit [18,13] overflows a buffer to overwrite the return address as the stack smashing attack does. However it overwrites the return address with the address of C library function such as system(). Since it uses an existing code rather than a shellcode, Solar Designer's non-executable stack patch or PaX cannot detect this 2.