[1] TESO Security Group, http://www.team-teso.net/

    [2] Chaos Computer Club: 17th Chaos Communication Congress, http://www.ccc.de/congress/

    [3] portal, “Format String Exploitation Demystified”, preliminary version 21, not yet published, http://www.security.is/

    [4] Pascal Bouchareine, “format string vulnerability”, http://www.hert.org/papers/format.html

    [5] Plasmoid / THC, Stack overflows, http://www.thehackerschoice.com/papers/OVERFLOW.TXT

    [6] Halvar Flake, “Auditing binaries for security vulnerabilities”, http://www.blackhat.com/presentations/bh-europe00/HalvarFlake/HalvarFlake.ppt

    [7] GDB, The GNU Debugger, http://www.gnu.org/software/gdb/gdb.html

    [8] ltrace, no official maintainer, http://www.debian.org/Packages/stable/utils/ltrace.html

    [9] strace, http://www.wi.leidenuniv.nl/~wichert/strace/

    [10] GNU binutils, http://www.gnu.org/gnulist/production/binutils.html

    [11] PaX group, “Implementing non executeable rw pages on the x86”, http://pageexec.virtualave.net/

    [12] Tool Interface Standard, Executeable and Linking Format Specifications v1.2, http://segfault.net/~scut/cpu/generic/TIS-ELF v1.2.pdf

    [13] Silvio, “ELF executeable reconstruction from a core image”, http://www.big.net.au/~silvio/core-reconstruction.txt

    [14] Solar Designer, post to Bugtraq mailing list demonstrating return into libc, Bugtraq Archives 1997 August 10

    [15] Solar Designer, JPEG COM Marker Processing Vulnerability in Netscape Browsers, advisory demonstrating malloc management information overwrite, http://www.openwall.com/advisories/OW-002-netscape-jpeg.txt

    [16] Pascal Bouchareine, “__atexit in memory bugs: proof of concept”

    [17] Juan M. Bello Rivas, “Overwriting the .dtors section”

    [18] Matt Conover aka Shok, “w00w00 on Heap Overflows”, http://www.w00w00.org/files/articles/heaptut.txt

    [19] Bulba and Kil3r, Lam3rZ, Bypassing StackGuard and StackShield, Phrack issue 56, article #5, http://phrack.infonexus.com/

    [20] Kil3r, Lam3rZ, 33_su.c, exploit for su/msgfmt for Immunix Linux

    [21] LSD crew, IRIX telnet daemon exploit irx_telnetd.c and explanations, http://www.lsd-pl.net/ , http://www.securityfocus.com/templates/archive.pike?list=1&mid=75864

    [22] TESO wu-ftpd 2.6.0 exploit: 7350wu, http://www.team-teso.net/releases.php