Scribd
Upload
134 views

Assignment 3 - Buffer Overflows: Example

This document discusses buffer overflow attacks and ways to prevent them. A buffer overflow occurs when a program tries to store more data in a buffer than it was intended to hold, overflowing the buffer and corrupting or overwriting adjacent data. Buffer overflows can be exploited to execute arbitrary code and compromise security. Methods to help prevent buffer overflows include keeping software patched, using security tools like ExecShield and StackGuard, and implementing input validation in custom applications.

Uploaded by

upasanachauhan1
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
134 views

Assignment 3 - Buffer Overflows: Example

This document discusses buffer overflow attacks and ways to prevent them. A buffer overflow occurs when a program tries to store more data in a buffer than it was intended to hold, overflowing the buffer and corrupting or overwriting adjacent data. Buffer overflows can be exploited to execute arbitrary code and compromise security. Methods to help prevent buffer overflows include keeping software patched, using security tools like ExecShield and StackGuard, and implementing input validation in custom applications.

Uploaded by

upasanachauhan1
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 3

ASSIGNMENT 3 BUFFER OVERFLOWS

INTRODUCTION
A Buffer Overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information which has to go somewhere can overflow into ad!acent buffers, corrupting or overwriting the valid data held in them. "he buffer overflow attac# results from input that is longer than the implementer intended. $t is an increasingly common type of security attac# on data integrity. $n these attac#s, the extra data may contain codes designed to trigger specific actions, in effect sending instructions to the attac#ed computer that could, for example, damage the user%s files, change data, or disclose confidential information. Buffer overflow attac#s are said to have arisen because the & programming language supplied the framewor#, and poor programming practices supplied the vulnerability. Example:

(a) Situation when main program is running. (b) After program A is called. (c) Buffer overflow shown in gray. True Case:

$n 'uly ())), a vulnerability to buffer overflow attac# was discovered in *icrosoft Outloo# and Outloo# +xpress. A programming flaw made it possible for an attac#er to compromise the integrity of the target computer by simply it sending an e mail message.

C !se"ue!#es $ Bu$$er O%er$l & A''a#(s:


Availability, Buffer overflows generally lead to crashes. Other attac#s leading to lac# of availability are possible, including putting the program into an infinite loop. Access control, Buffer overflows often can be used to execute arbitrary code, which is usually outside the scope of a program-s implicit security policy. Other, .hen the conse/uence is arbitrary code execution, this can often be used to subvert any other security service.

E!%)r !me!'s a$$e#'e*: Almost all #nown web servers, application servers, and web application environments are susceptible to buffer overflows, the notable exception being environments written in interpreted languages li#e 'ava or 0ython, which are immune to these attac#s (except for overflows in the $nterpreter itself).

"he Severity is very high and the 1i#elihood of exploit ranges from high to very high. Exe#S+)el* ,r 'e#') ! +xecShield is security 1inux #ernel patch to avoid worms and other problems. As a pro!ect by 2ed 3at, it had the aim of reducing the ris# of worm or other automated remote attac#s on 1inux systems. "he first result of the pro!ect was a security patch for the 1inux #ernel that adds an 45 bit to x67 &08s. S'a#( Guar* Stac#9uard is a compiler extension that enhances the executable code produced by the compiler so that it detects and thwarts buffer overflow attac#s against the stac#. "he effect is transparent to the normal function of programs. "he only way to notice that a program is Stac#9uard enhanced is to cause it to execute & statements with undefined behavior, Stac#9uard enhanced programs define the behavior of writing to the return address of a function while it is still active.

CONCLUSION
.e can prevent ourselves by ta#ing these steps, :eep up with the latest bug reports for your web and application server products and other products in your $nternet infrastructure. Apply the latest patches to these products. 0eriodically scan your web site with one or more of the commonly available scanners that loo# for buffer overflow flaws in your server products and your custom web applications. ;or your custom application code, you need to review all code that accepts input from users via the 3""0 re/uest and ensure that it provides appropriate si<e chec#ing on all such inputs. "his should be done even for environments that are not susceptible to such attac#s as overly large inputs that are uncaught may still cause denial of service or other operational problems.

You might also like