I think what the press release was trying to say is that the buffer overflows that break x86 boxes won't work on a PPC box. This is not the same thing as saying PPC doesn't have buffer overflows, just that you have to do it a lot differently.
Buffer overflows are a programming structure issue. For example, the deployment of PowerPC doesn’t rescue the flaws of Samba. It doesn’t solve the issue IF people just copy the source code and port it to their preferred ecosystem.
"x86-based" exploits won't work on PPCs. This is common sense, but for some reason they wanted to spell it out. I guess everyone doesn't know the differences between the two platforms. But the point is, in an x86 world people are going to assume that your box is x86, and if they try to exploit it, they're not going to succeed. The only way they will is if they know the box is PPC and they change the way they exploit the box. That's how I read it anyway!
Not quite common sense IF one looks into an open source ecosystem.
In most cases, buffer overflows have nothing to do with HW, i.e. refer to
http://www.itworld.com/nl/lnx_sec/12182001/
http://www.secunia.com/advisories/8533/
Note the inclusion of MacOS X, i.e. a PowerPC box.
It’s an issue with sloppy programming...
Also refer to
http://www.ciac.org/ciac/bulletins/l-104.shtml
L-104: SuSE Linux, xinetd Buffer Overflow
July 3, 2001 23:00 GMT
--------------------------------------------------------------------------------
PROBLEM: SuSE Linux, xinetd has a buffer overflow vulnerability
PLATFORM:
i386 Intel Platform: SuSE-6.3, 6.4, 7.0, 7.1, 7.2
Sparc Platform: SuSE-7.1
AXP Alpha Platform: SuSE-6.3, 6.4, 7.0, 7.1
PPC Power PC Platform: SuSE-6.4, 7.0, 7.1
DAMAGE: The buffer overflow vulnerability allows a remote attacker to execute arbitrary code at all privileges.
SOLUTION: Apply patches supplied by SuSE
--------------------------------------------------------------------------------
VULNERABILITY ASSESSMENT: The risk is HIGH. The vulnerability results in a root compromise, it is remotely exploitable, and is widely publicized.