grsecurity forums

Skip to content

"Return to function" still vulnerable

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

"Return to function" still vulnerable

Postby harrygittens » Fri Feb 16, 2007 2:27 pm

Hello

2.6.19.2 and latest grsecurity. In config, grsecurity was set to HIGH and no other options touched.

paxtest on kiddie mode, everything was killed except these:
Code: Select all
Return to function (strcpy)              : Vulnerable
Return to function (strcpy, RANDEXEC)    : Vulnerable
Return to function (memcpy)              : Vulnerable
Return to function (memcpy, RANDEXEC)    : Vulnerable

How do I plug these?

thank you
harrygittens
 
Posts: 21
Joined: Fri Feb 16, 2007 2:20 pm
Top

Re: "Return to function" still vulnerable

Postby PaX Team » Mon Feb 19, 2007 11:29 am

harrygittens wrote:Hello

2.6.19.2 and latest grsecurity. In config, grsecurity was set to HIGH and no other options touched.

paxtest on kiddie mode, everything was killed except these:
Code: Select all
Return to function (strcpy)              : Vulnerable
Return to function (strcpy, RANDEXEC)    : Vulnerable
Return to function (memcpy)              : Vulnerable
Return to function (memcpy, RANDEXEC)    : Vulnerable

How do I plug these?
how about searching the forum next time? there's a reason those tests fail: http://forums.grsecurity.net/viewtopic.php?p=5558
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
Top

Postby harrygittens » Mon Feb 19, 2007 6:10 pm

I would if there was a search button ;)
harrygittens
 
Posts: 21
Joined: Fri Feb 16, 2007 2:20 pm
Top

Postby spender » Tue Feb 20, 2007 8:27 pm

The google search bar above will allow you to search through all the forum posts

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group
cron