Technical report detail

Understanding vulnerabilities

by Aliaksei Tsitovich


The nature of software security vulnerabilities is hidden deep in to the technical details of publicly available reports. In order to reveal it we manually investigated the Debian Security Advisory list. The primary goal was to classify the vulnerabilities according to it's technical nature, not to the way it is exploited. Several types of buffer overflow problem were revealed. Special attention was dedicated to the cases different from the standard buffer overflow. For each classified type an idea of possible solution was given.


Technical report 2007/07, August 2007

BibTex entry

@techreport{07understanding, author = {Aliaksei Tsitovich}, title = {Understanding vulnerabilities}, institution = {University of Lugano}, number = {2007/07}, year = 2007, month = aug }