• LOpht Heavy Industries http://l0pht.com/advisories
  • Buffer Overflows: A Summary http://mayor.dia.fi.upm.es/~alopez/bugs/bugtraq/0100.html
  • Netcraft Internet Security Diary (should ask them about their list of vulnerabilities and code) http://www.netcraft.co.uk/security/diary.html
  • Bill Cheswick's Homepage http://cm.bell-labs.com/who/ches/
  • Bugtraq's Archives (seems it may have stopped at 1st qtr 1997) http://www.geek-girl.com/bugtraq/
  • Bugtraq's Archives (since 1997) http://mayor.dia.fi.upm.es/~alopez/bugs/bugtraq_index.html
  • CIAC Bulletins http://ciac.llnl.gov/cgi-bin/index/bulletins
  • CERT Advisories ftp://info.cert.org/pub/cert_advisories/
  • AusCert Security Advisories and Bulletins http://www.auscert.org.au/information/advisories.html
  • Secure Networks (SNI) Advisories (see also the "other public advisories" link) http://www.secnet.com/nav1.html
  • Secure Networks (SNI) NT Advisories http://www.secnet.com/nav4.html
  • Fyodor's Exploit World http://www.parodius.com/~splice/rush/exploits.2/sploits.html
  • Security Information, Stories, and Incidents http://www.njh.com/latest/index.html
  • Rootshell.com http://www.rootshell.com/
  • CONNECTnet Security FTP site ftp://ftp.connectnet.com/pub/security/
  • Armageddon - Site in Exile http://main.succeed.net/~coder/
  • Linux Security Homepage http://www.ecst.csuchico.edu/~jtmurphy/
  • NT Security FAQ http://www.it.kth.se/~rom/ntsec.html
  • Short Bug list http://mayor.dia.fi.upm.es/~alopez/bugs/mail/index.html
  • 8LGM (seems to be dead now -- no DNS entry) http://www.8lgm.org
  • HP Bug of the Week (Scriptors of DOOM) (I have this archived) http://command.com.inter.net/~sod/
  • Archives of comp.security.unix ftp://ftp.soils.umn.edu/pub/info/news-archives/comp/security/unix/
  • Aleph One's Underground (see "bugs" frame) http://www.underground.org/
  • ISS X-Force Vulnerablity Database http://iss.net/xforce/
  • Ice-9's Eleet h0mE p4gE (exploits) http://www.paranoia.com/~ice9/toolz.html
  • Infilsec - Systems Security: Vulnerability Engine (vulnerabilities link) http://www.infilsec.com/
  • r00t (seems missing... sure they are *somewhere*) http://www.escape.com/
  • Darksun Communications - Unix Scripts http://www.bayside.net/users/zd/unix.htm
  • Sito`s C -Progs - Page http://alma.student.uni-kl.de/~msiegris/irc/cprogs.html
  • Building Jails (shows current vuln w/them) http://www.cs.berkeley.edu/~daw/janus/
  • Inetnet Security and E-commerce papers http://irdu.nus.sg/security/library1.html Stack Smashing Security Vulnerabilities

    By combining permission features of UNIX operating system and features of the C programming language, it is possible for an unprivileged user or process to gain unrestricted system privilege. Common to many high profile UNIX security incidents, this page contains links that analyze how these exploits are constructed, why they work and what can be done to prevent the problem.

    nate's paper

    Download a copy of Nate's rant on Stack Smashing "Stack Smashing Vulnerabilities in the UNIX Operating System" in postscript format. Or, download this version if that postscript is too toxic for you :-)

    links

    • Aleph One's "Smashing The Stack For Fun And Profit" from Phrack 49
    • Mudge's "Compromised - Buffer - Overflows, from Intel to SPARC Version 8"
    • Mudge's "How to write Buffer Overflows"
    • Lefty's "Buffer Overruns, whats the real story?"
    • Prym's "finding and exploiting programs with buffer overflows"
    • Richard Jones and Paul Kelly's bounds checking patches to GCC
      • download
    • Solar Designer's Non-executable user stack area -- Linux kernel patch
    • Alexandre Snarskii's FreeBSD stack integrity patch
    • Miller, Fredrickson and So's "An Empirical Study in the Reliability of UNIX utilities"
    • Willy Tarrau's "The Buffer Overflow Problem" Secure Programming Hints
      ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist
      http://www.cs.princeton.edu/sip/