Introduction Over the past weeks there has been a global hype over a number of vulnerabilities affecting the GNU Bash application. These vulnerabilities are classified under CWE-78 (OS Command Injection) which describes vulnerabilities that allow the construction of OS commands using externally con...

This post discusses the issues that arise from the reliance on user-mode control flow monitoring techniques for the implementation of systems such as Host Based Intrusion Detection Systems, Sandboxes, Function Tracers, etc. It focuses on a single HIPS product offered by Comodo [1], a well respected ...