|
Abstract : |
The exploitation of buffer overflow vulnerabilities in process stacks constitutes a significant portion of security attacks. We present a new method to detect and handle such attacks. In contrast to previous methods, this new method works with any existing pre-compiled executable and can be used transparently, even on a system-wide basis. The method intercepts all calls to library functions that are known to be vulnerable. A substitute version of the corresponding function implements the original functionality, but in a manner that ensures that any buffer overflows are contained within the current stack frame. This method has been implemented on Linux as a dynamically loadable library called libsafe. Libsafe has been shown to detect several known attacks and can potentially prevent yet unknown attacks. Experiments indicate that the performance overhead of libsafe is negligible. The initial version of libsafe was released in April 2000. [3] Recently, another widespread vulnerability has received a great deal of attention: the format string vulnerability. The latest version of libsafe, version 2.0, implements a solution for detecting and handling the most dangerous format string vulnerability exploits, while preserving the low overhead and ease of use of the original libsafe., |
