Exploiting concurrency vulnerabilities in system call wrappers
Add to your list(s)
Download to your calendar using vCal
If you have a question about this talk, please contact Steven J. Murdoch.
Practice talk for USENIX Security WOOT
System call interposition allows the kernel security model to be extended. However, when combined with current operating systems, it is open to concurrency vulnerabilities leading to privilege escalation and audit bypass. We discuss the theory and practice of system call wrapper concurrency vulnerabilities, and demonstrate exploit techniques against GSWTK , Systrace, and CerbNG.
This talk is part of the Computer Laboratory Security Group meeting presentations series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
|
![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small}
![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071)
Friday 03 August 2007, 16:00-16:30