From: "David Litchfield" <davidl@ngssoftware.com.>
To: <bugtraq@securityfocus.com.>
Subject: AIX Heap Overflow paper
Date: Thu, 15 Dec 2005 18:00:15 -0000
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-Virus-Scanned: antivirus-gw at tyumen.ru
I've just published a paper on AIX heap overflows. I wrote it back in August
but wanted to wait until a couple of flaws I discovered whilst researching
the topic were fixed by IBM. IBM released the patches today. You can get the
paper at http://www.databasesecurity.com/dbsec/aix-heap.pdf
Cheers,
David Litchfield
