|
|
|
Stack overflow enables hackers to execute arbitrary commands on remote or local systems, many times as the root user (the superuser). They do this by exploiting bugs in the operating system or other programs. These bugs allow users to overwrite the program stack, changing the next command to be executed.
Stack overflow is not simply a bug; it is possible to create a block that overwrites the return address with a meaningful address, resulting in transferred control to unauthorized code (usually in the same block).
Stack Overflow Protection (STOP) is a feature that prevents hackers from creating and exploiting stack overflow to break into systems.
Note: The STOP feature on Red Hat Linux and SuSE Linux is not activated when Linux native stack randomization (ExecShield randomize) is enforced.
On Linux s390 RHEL 4, native stack randomization does not work and must be deactivated for STOP to be active. To deactivate native stack randomization, enter the following command:
echo 0 > /proc/sys/kernel/exec-shield-randomize
| Copyright © 2013 CA. All rights reserved. |
|