> From: Jon Kibler [mailto:Jon.Kibler@xxxxxxxx]
> Sent: Thursday, 12 June, 2008 14:54
> To: bugtraq@xxxxxxxxxxxxxxxxx
>
> 2) Are the boxes really just unstable to malformed network
> data, but not exploitable?

Exploiting data-handling vulnerabilities (as opposed to design vulnerabilities, like missing access checks) is difficult on the AS/400 (aka iSeries, and various other names), because it's a capability architecture. Attacks like stack overflows don't apply to the '400 the way they do to more common virtual-address-space systems. Of course that doesn't mean that they're not exploitable, just that the exploits will take different forms. (In most cases - processes running in the PASE environment are an exception, though I couldn't say just what access you might get by breaking one.)

I think it's an area that's definitely worth investigation, but few researchers (whatever their hat color) seem to have done much with capability architectures in general or the '400 in particular. And it doesn't look like many are motivated to acquire the necessary knowledge to do so.

That is a bit of a shame, as capability architectures are interesting in themselves, and have interesting security implications, and the '400 has shown that they're commercially viable. Intel's early effort at a capability architecture (the 432) died because it couldn't compete on performance, but the long life of the '400 suggests that perhaps the time is right to try again.

--
Michael Wojcik
Principal Software Systems Developer, Micro Focus