Smashing the Stack: Making Memory-Unsafe Code Less Exploitable - RSA Conference 2023

Explore the critical issue of memory-unsafe code in this 50-minute RSA Conference talk presented by Bob Lord from CISA and Dan Wallach from DARPA. Delve into the history of stack smashing vulnerabilities, tracing back to Aleph One's seminal 1996 article, and understand how memory-unsafe code has become a leading cause of Common Vulnerabilities and Exposures (CVEs). Gain insights into the real-world consequences of these security flaws, examine why this problem often goes underdiscussed, and discover essential mitigations that software developers and their managers should implement to enhance cybersecurity.