diff -r f3d5e57ca00a -r b6eb8142dec1 handouts/ho03.tex --- a/handouts/ho03.tex Fri Feb 12 05:33:38 2016 +0000 +++ b/handouts/ho03.tex Mon Feb 22 22:09:44 2016 +0000 
@@ -49,11 +49,30 @@ \end{tikzpicture} \end{center} -\noindent This statistics shows that in the last seven years -or so the number of buffer overflow attacks is around 10\% of -all attacks (whereby the absolute numbers of attacks grow each -year). So you can see buffer overflow attacks are very -relevant today. +\noindent This statistics shows that in the last seven years or so the +number of buffer overflow attacks is around 10\% of all attacks +(whereby the absolute numbers of attacks grow each year). So you can +see buffer overflow attacks are very relevant today. For example, very +recently (February 2016) a buffer overflow attack was discovered in the glibc +library:\footnote{\url{http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/}} + +\begin{quote}\it +``Since 2008, vulnerability has left apps and hardware open to remote + hijacking. Researchers have discovered a potentially catastrophic flaw in + one of the Internet's core building blocks that leaves hundreds or + thousands of apps and hardware devices vulnerable to attacks that can take + complete control over them. The vulnerability was introduced in 2008 in + GNU C Library, a collection of open source code that powers thousands of + standalone applications and most distributions of Linux, including those + distributed with routers and other types of hardware. A function known as + getaddrinfo() that performs domain-name lookups contains a buffer overflow + bug that allows attackers to remotely execute malicious code. It can be + exploited when vulnerable devices or apps make queries to + attacker-controlled domain names or domain name servers or when they're + exposed to man-in-the-middle attacks where the adversary has the ability + to monitor and manipulate data passing between a vulnerable device and the + open Internet. 
All versions of glibc after 2.9 are vulnerable.'' +\end{quote} To understand how buffer overflow attacks work, we have to have
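Review bot: the new sentence in the first added paragraph says "a buffer overflow attack was discovered in the glibc library", but the passage quoted right after it describes a bug ("contains a buffer overflow bug that allows attackers to remotely execute malicious code"), not an observed attack. Suggest "a buffer overflow vulnerability was discovered in the glibc library" so the handout keeps the distinction between a flaw and its exploitation, which the following text relies on when it goes on to explain how the attacks work. Two smaller points in the same hunk: the quote ends with the unqualified "All versions of glibc after 2.9 are vulnerable", which was a statement about February 2016 and will mislead later readers, so add the access date to the footnote or a short "at the time of writing" remark after the quote environment; and `\begin{quote}\it` uses the obsolete `\it` switch, where `\itshape` is the current form. Since the paragraph is being reflowed anyway, "This statistics shows" could be corrected to "These statistics show" in the same change.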