Buffer Overflow
A buffer overflow occurs when a computer application attempts to write data to a data structure past the point that the structure is designed to store information. In the classic case, a buffer is a sequential section of memory allocated to hold information. The type of information can vary from an array of integers to objects. When information is stored outside the allocated block of memory, the program can crash or be infected by malware.
Why are Buffer Overflows Dangerous?
Buffer overflows are best known for the software security vulnerabilities they create. They often affect new web and stand-alone applications as well as older programs. Although it is difficult to discover a buffer overflow vulnerability, a number of attackers have identified such vulnerabilities in a variety of products and web resources. Once identified, the vulnerability can be used to infect the computer with malware, putting it at risk of attack.
How does a Buffer Overflow Work?
In the classic exploit, the person attacking the program or system sends information to the targeted application that is stored in an undersized buffer. The information on the call stack is overwritten, including the return pointer of the function or method. The information that the attacker sent sets the return pointer's value so that control transfers to the malware or other malicious code stored in the attacking information. At the program architecture level, a buffer overflow vulnerability normally occurs when an attacker finds a violation of the programming assumptions that error checking did not catch, or when there is faulty memory manipulation.
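The overwrite described above can be observed safely in a model. The following is an added example, not code from the original page: struct frame, SAVED_RET and the function names are hypothetical, and the struct only stands in for a real, compiler-specific stack frame. It compares a copy that trusts the supplied length with one that checks it against the buffer size.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SAVED_RET 0x1122334455667788ULL /* constructed stand-in for a return address */

/* Hypothetical model of a stack frame: an 8-byte buffer followed by the
 * saved return pointer. Real frame layouts are compiler-specific. */
struct frame {
    char buf[8];
    uint64_t saved_ret;
};

/* Unchecked pattern: trusts the caller-supplied length. Copying through the
 * whole-struct pointer keeps the model defined C while still showing bytes
 * past buf landing on saved_ret. */
static void copy_unchecked(struct frame *f, const void *src, size_t len) {
    if (len > sizeof *f) len = sizeof *f; /* stay inside the model */
    memcpy((unsigned char *)f, src, len);
}

/* Checked pattern: refuse input that does not fit; the frame is untouched. */
static int copy_checked(struct frame *f, const void *src, size_t len) {
    if (len > sizeof f->buf) return -1;
    memcpy(f->buf, src, len);
    return 0;
}

/* Copy len constructed 'A' bytes into a fresh frame and return the saved
 * return pointer afterwards. *rc gets copy_checked's result (0 if unchecked). */
static uint64_t ret_after_copy(int checked, size_t len, int *rc) {
    unsigned char input[sizeof(struct frame)];
    struct frame f = { {0}, SAVED_RET };
    memset(input, 'A', sizeof input);
    *rc = 0;
    if (checked) *rc = copy_checked(&f, input, len);
    else copy_unchecked(&f, input, len);
    return f.saved_ret;
}

int main(void) {
    int rc;
    uint64_t r = ret_after_copy(0, 16, &rc);
    printf("unchecked, 16 bytes: saved_ret=%#llx\n", (unsigned long long)r);
    r = ret_after_copy(1, 16, &rc);
    printf("checked, 16 bytes:   saved_ret=%#llx rc=%d\n", (unsigned long long)r, rc);
    return 0;
}
```

Even a single byte too many (a length of 9) changes the saved value in the unchecked case, which is the off-by-one situation.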
Other Types of Buffer Overflows
A number of other buffer overflow attacks have emerged. These include the format string attack, off-by-one error, and heap buffer overflow. Commonalities between the various types include code that relies on external data to control application behavior, complex programming architecture, and dependence on properties of data enforced outside the code's immediate scope.
How can Buffer Overflow Attacks be Used against Web Applications?
Like traditional applications, web applications are susceptible to buffer overflow attacks. In the web app case, an attacker sends specifically designed data inputs to the app to cause it to execute arbitrary code in order to take over the web or application server. The attack can also be used to target application server products and can pose significant risk to product users. Common web vulnerabilities arise in the libraries that apps rely on to work and in custom code that does not undergo significant error testing.
How to Guard against Buffer Overflow Attacks
The primary means of defense against a buffer overflow attack is to keep computer applications and web products current. Failure to apply the most recent patches to products is one of the most common reasons they remain vulnerable to buffer overflow attacks. If running a website, using commonly available scanners to analyze the site for flaws in custom or commercially acquired web products is another proactive step that can identify the vulnerability prior to attacks.