Check out the new USENIX Web site. next up previous
Next: Multi-threaded Applications Up: Limitations Previous: Security Weaknesses Due to

Potential buffer overflow attacks due to limitations of RAD

As in RAD [1], the current binary-rewriting RAD prototype can protect applications from any kind of buffer overflow attack that corrupts the return address on the stack. Thus it can resist conventional stack smashing attacks and frame pointer based attacks [19]. However, it cannot prevent memory pointer corruption attacks [18], which do not affect the return address in any way. They simply modify the contents of the import table (Global Offset Table - GOT or Import Address Table - IAT), which makes it impossible for RAD to detect them. Fortunately, no actual network security breach incidents that are based on this type of attacks have been reported.

Manish Prasad
2003-04-05