ASLR unsicher?

cibomato · February 15, 2017, 08:54:59 PM

Jetzt ist das gerade neu in OPNsense und nun das:
https://www.heise.de/newsticker/meldung/Schutz-durch-Speicherverwuerfelung-ASLR-geknackt-3627176.html

Was ist davon zu halten?

Viele Grüße,

Jochen

weust · February 15, 2017, 09:20:42 PM

That only applies to Webbrowsers. OPNsense isn't one ;-)

fabian · February 15, 2017, 09:37:49 PM

No, it applies to any application, however if you can execute this type of attack, broken ASLR is the smallest problem (this means the attacker can already execute code).

franco · February 15, 2017, 09:59:33 PM

A few notes from Shawn on the particular attack:

https://github.com/lattera/articles/blob/master/infosec/Exploit%20Mitigations/ASLR/2017-02-15_anc/article.md

lattera · February 15, 2017, 10:44:48 PM

ASLR is still an awesome addition to OPNsense since the AnC attack doesn't really apply to the applications installed on a typical OPNsense deployment. In order to carry out the attack, the attacker must be able to instrument the MMU, which is only possible with applications that accept and execute attacker-controlled code and provide performance APIs (like javascript in popular web browsers).

ASLR unsicher?

cibomato

February 15, 2017, 08:54:59 PM

weust

February 15, 2017, 09:20:42 PM #1

fabian

February 15, 2017, 09:37:49 PM #2

franco

February 15, 2017, 09:59:33 PM #3

lattera

February 15, 2017, 10:44:48 PM #4