Dr. Yves Younan
Yves Younan is a Senior Research Engineer in the Vulnerability Research Team (VRT) at Sourcefire where he works on vulnerabilities and mitigations. Prior to joining Sourcefire, he worked as a Security Researcher with BlackBerry Security at Research In Motion. Before joining RIM, he was an academic, founding the Native Code Security group within the DistriNet research group at the KU Leuven in Belgium. He received a Master's degree in Computer Science from the Vrije Universiteit Brussel (VUB) and a PhD in Engineering: Computer Science from KU Leuven. His PhD focused on building efficient mitigations against vulnerability exploitation; several practical mitigations were published and presented at international conferences.
C and C++ vulnerabilities, exploits and countermeasures
The C and C++ programming languages have some serious shortcomings from the point of view of security. Certain kinds of bugs in these languages can have disastrous consequences. Stack- or heap-based buffer overruns, double frees, dangling pointers, race conditions and format-string related vulnerabilities are typical examples of bugs that can make a C/C++ application vulnerable to extremely powerful attacks such as code injection.
In a code injection attack, an attacker succeeds in running code of his choosing on the target machine. This module will discuss the most important types of vulnerabilities, and will demonstrate, by example, how they can be exploited.
Programmers must avoid these vulnerabilities by observing strict coding disciplines to compensate for the freedom offered by the language and execution environment. Recently, improvements to the compiler and run-time environment have aided in mitigating the risk. An overview of recent infrastructural improvements, such as address space randomization and stack canaries, is presented. The module also looks at how attackers have developed ways around some of these techniques.
The following papers are useful for the module: