Feeds

Firm finds danger in dangling pointers

New buffer overflow threat

The essential guide to IT transformation

Microsoft's Security Response Centre also had other problems. Less than two weeks later, zero-day details on a vulnerability in the handling of the Windows Meta File (WMF) format had leaked to the Internet, and the software giant had to scramble to develop a patch.

The software giant fixed the IIS flaw as part of its regularly schedule Patch Tuesday on 10 July. The software giant would only comment on the patch, not the flaw itself.

Security researchers have known that dangling pointers can be an exploitable vulnerability; it is not a new concept.

Last week, security firm iDefense published details on an exploitable dangling pointer flaw in the Opera web browser. The vulnerability was caused by the browser's misuse of application memory when removing BitTorrent transfers from the transfer list.

Determining whether such vulnerabilities can be exploited is not a trivial task, said Sean Larsson, security intelligence engineer for Internet and security services firm VeriSign, iDefense' parent company.

"There are more reported buffer overflow vulnerabilities than dangling pointer vulnerabilities," Larsson stated in an e-mail interview with SecurityFocus. "However, that doesn't necessarily mean that dangling pointer vulnerabilities are not common. Depending on the behaviour of the program, a dangling pointer vulnerability might not even result in a crash, which makes it difficult to detect."

Opera patched the vulnerability in an update released last week in coordination with iDefense's announcement.

Watchfire called such announcements the "tip of the iceberg".

The security-audit firm would give few details before the Black Hat presentation, but did say that the applications most in danger are web servers and operating systems, followed by client software used to access the internet, such as web browsers. Also, programming languages that automatically clean up memory when an object is deleted - called implicit garbage collection - will not be affected by dangling pointers.

"It is very technical and sophisticated, more so than exploiting a buffer overflow," Allan said. "Any application that is remotely accessible to me is my biggest target. Any software that does not have implicit garbage collection is going to be a target."

"My guess is there will be a lot of research into dangling pointers in the future," he said.

This article originally appeared in Security Focus.

Copyright © 2007, SecurityFocus

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION
Anatomy of the net's most destructive ransomware threat
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?