Buffer-Overflow Attacks

BUFFER-OVERFLOW ATTACKS

Introduction to Scripting and Database with Lab

COMP 230 ON SEC C

Summer 2007 Semester

August 18, 2007

Professor Charlotte McKenzie

Prepared by: William Owusu

Introduction

Security is everyone's problem. It is important to be aware of issues that can foster

security violations in software. Buffer overflows are a favorite exploit for hackers by

overflow attacks involve sending overly long input streams to the attacked server,

causing the server to overflow parts of the memory and either crash the system or execute

the attacker's arbitrary code as if it was part of the server's code. The result is full server

compromise or denial of service.

Some well known internet worms, including Code Red, Slapper and Slammer, use

buffer overflow attacks to propagate and execute payloads. Buffer overflow

vulnerabilities are some of the most common programming errors. The CVE vulnerability

database indicates that 23% of all vulnerabilities uncovered during 2006 were buffer

overflow vulnerabilities.

Security Issues

Security is probably not an issue with a small program that you write for your own use

and which is not even accessible by others. Consider, in contrast, software that is run on a

company server each time that someone on the Internet clicks on a particular link on a

company web page. If that software has a security flaw, it may then be possible for

malicious users to do things on this server that they should not be able to do. For

example, they might be able to read data that is confidential, they might be able to change

data on the server, they might be able to crash the server, and they might even be able to

gain administrative access to the server, thus giving themselves complete access to

everything on this server.

Examples

Buffer overflow occurs anytime the program writes more information into the buffer than

the space it has allocated in the memory....