![[Search]](/static/images/search.gif){kind=small}
![[A-Z Index]](/static/images/az.gif){kind=small}
![[Contact]](/static/images/contact.gif){kind=small}
![[University of Cambridge]](/static/images/identifier2.gif){kind=small}
![[Talks.cam]](/static/images/talkslogosmall.gif)
Friday 03 August 2007, 16:00-16:30
Exploiting concurrency vulnerabilities in system call wrappers
â ī¸ Important: Practice talk for USENIX Security WOOT
- đ¤ Speaker: Robert Watson (University of Cambridge)
- đ Date & Time: Friday 03 August 2007, 16:00 - 16:30
- đ Venue: Computer Laboratory, William Gates Building, Room FW11
Questions? Contact
Steven J. Murdoch
Abstract
System call interposition allows the kernel security model to be extended. However, when combined with current operating systems, it is open to concurrency vulnerabilities leading to privilege escalation and audit bypass. We discuss the theory and practice of system call wrapper concurrency vulnerabilities, and demonstrate exploit techniques against GSWTK , Systrace, and CerbNG.
Series This talk is part of the Computer Laboratory Security Group meeting presentations series.
Included in Lists
- All Talks (aka the CURE list)
- bld31
- Cambridge talks
- Computer Laboratory Security Group meeting presentations
- Computer Laboratory, William Gates Building, Room FW11
- Department of Computer Science and Technology talks and seminars
- Interested Talks
- School of Technology
- Security-related talks
- Trust & Technology Initiative - interesting events
- yk449
Note: Ex-directory lists are not shown.