Black Hat Europe 2011 update
Black Hat Europe 2011 is now over and we are very happy to have participated once again in the best European IT security conference!
FreeBSD kernel exploitation mitigations
In my recent Black Hat Europe 2010 talk I gave an overview of the kernel exploitation prevention mechanisms that exist on FreeBSD. A few people at the conference have subsequently asked me to elaborate on the subject. In this post I will collect all the information from my talk and the various discussions I had in the Black Hat conference hallways.
Update on canary randomisation for hardened Linux applications
This article is a followup to our last year’s advisory on canary randomisation for applications of the Debian distribution.
Static SSP canary in Debian libc6
| CENSUS ID: | CENSUS-2009-0001 |
| Affected Products: | All SSP-armoured applications, statically or dynamically linked against the libc6 library (versions ≤ 2.7) provided by the Debian GNU/Linux project. |
| Class: | Degraded performance of security mechanism due to misconfiguration. |
| Discovered by: | Dimitris Glynos |
We have found that Debian packages of the GNU libc library (versions prior to and including 2.7) provide a static (i.e. guessable) canary value to all applications armoured with the gcc SSP mechanism.