Avaya Labs announced yesterday it is releasing Libsafe 2.0, an enhanced version of its free security software for the popular Linux operating system. Libsafe version 2.0 adds the ability to protect against security attacks that exploit "format string" vulnerabilities in software, including programs that are widely deployed as part of the Internet infrastructure.
As a result, Libsafe 2.0 protects against the two most common forms of security attacks: "buffer overflow" and "format string." Libsafe extends its protection to all application programs running on a system, and will even help to protect programs that have vulnerabilities yet to be discovered.
Avaya Labs is the research and development arm of Avaya, a global leader in business communication solutions and services. The announcement was made at CeBIT, a communications show taking place here.
"Enterprises worldwide are deploying servers and communication networks, counting on the high reliability of Linux," said Ravi Sethi, president of Avaya Labs. "Avaya is making Libsafe 2.0 available free to help protect our customers, existing and potential, from malicious security attacks. Our customers already benefit from additional Avaya Labs technology to enhance reliability by protecting against inadvertent errors."
Security is a critical issue for businesses, particularly as they build their data networks. Avaya recently further strengthened its portfolio of security products for businesses by acquiring VPNet Technologies Inc. -- an award-winning provider of virtual private networks and services -- and by acquiring certain security-related products from CyberIQ.
Libsafe 2.0 detects and protects against both format string and buffer overflow attacks, which allow a non-authorized user to take control of a server by exploiting loopholes. The loopholes allow a malicious user to insert code into a running program and then hijack control to execute the inserted code instead. The non-authorized user could then access private data or stage attacks against other machines. The attack proceeds by sending carefully formed requests to vulnerable server programs that set the stage for the hacker to write a string of characters that overwrite the server program's memory and trick it into handing control to the attacker.
Earlier this year, the CERT Coordination Centre at Carnegie Mellon University in Pittsburgh warned about format string and buffer overflow vulnerabilities in widely-used Internet name-server software called BIND (Berkeley Internet Name Domain). The CERT advisory notes: "Because the majority of name servers in operation today run BIND, these vulnerabilities present a serious threat to the Internet infrastructure."
For the past several years, buffer overflows have been the most common form of computer security vulnerability exploited by intruders, according to the Oregon Graduate Institute of Science & Technology (OGI).
Libsafe was developed by Avaya Labs researchers Navjot Singh and Timothy Tsai. "It is generally accepted that the best solution to these security attacks is to fix the defective program," said Singh. "But to do that, you have to know the program is defective. Libsafe helps to protect against future attacks, even on programs not yet known to be vulnerable."
Avaya Labs is making Libsafe freely available under the GNU Lesser General Public License. Users and developers who would like further information and the Libsafe source code can visit http://www.research.avayalabs.com/project/libsafe.html.
Libsafe is easy to use, requires no special security expertise and can be installed in minutes. Tests by Avaya Labs have shown that it detects a large number of attacks, while using few computer resources. It requires no modification to the operating system or application.