10 December 2001
David Larochelle
13
Case studies
•wu-ftpd
2.5 and BIND 8.2.2p7
–Detected
known buffer overflows
–Unknown
buffer overflows exploitable with write access to config
files
•Performance
–wu-ftpd:
7 seconds/ 20,000 lines of code
–BIND:
33 seconds / 40,000 lines
–Athlon
1200 MHz