
Resilience to Buffer Overflow Attacks

The Windows help program (Winhlp32.exe) on Windows NT 4.0 with Service Pack 4 has a buffer overflow vulnerability, which is triggered when it reads a content file (.CNT) with a very long heading string. We instrumented Winhlp32.exe using our binary-rewriting RAD tool, and the augmented binary successfully resists the attack mounted by published exploit code [3].

Manish Prasad
2003-04-05