What is a Buffer Overflow?

A buffer overflow, sometimes also called a buffer overrun, is a software bug or anomaly that occurs when a program, while writing to a buffer in memory, overshoots its allocated buffer space and ends up writing into adjacent or nearby memory (another buffer).

Buffer overflows are normally just bugs in software systems and do not really do any harm on their own.

If a buffer overflow exists in the software, the software will end up crashing itself and any software that uses the buffer it has overrun.

But when buffer overflows are exploited maliciously, they may, and in most cases do, result in a security breach. Most of the vulnerabilities that exist in software across the globe are due to some form of buffer overflow bug.

Programs built using the C and C++ languages are often prone to buffer overflow attacks, because these languages have no built-in functions that provide error checking for buffer overflows that the programmer may have accidentally introduced through a logic error or a lack of manual error checking.

Hackers can trigger buffer overflows and rewrite parts of the buffer with instructions or small programs, which may lead to execution of malicious code, spawning of remote shells, deletion of system files, connections to remote systems and downloading of malware, remote control of the infected system, and so on.

There are two basic techniques through which buffer overflows are exploited: stack-based exploitation and heap-based exploitation. Stack-based buffer overflows can be used in any of the following methods of attack. A stack-based overflow may rewrite the values of variables that are adjacent to the program's allocated buffer, thereby changing the logic of the program.

They may also target the data that holds the return address and so change the course of the program's execution, or they may target the data stored in a register and change the course of execution in the same way.
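The first stack-based case above, where a variable adjacent to the buffer is overwritten, is shown here as an added example that is not part of the original article. It assumes a constructed model of a stack frame (an 8-byte buffer followed directly by a one-byte flag, held in one array so the overrun is well-defined C); the names `frame`, `copy_unchecked`, `copy_checked` and `flag_after` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8  /* bytes the program set aside for the input */

/* Constructed model of a stack frame: an 8-byte buffer followed directly
 * by a one-byte flag. One array holds both, so the overrun stays inside
 * storage this program owns. */
struct frame {
    unsigned char mem[BUF_SIZE + 1]; /* mem[0..7] buffer, mem[8] flag */
};

static int flag_set(const struct frame *f) { return f->mem[BUF_SIZE] != 0; }

/* Unchecked copy: trusts the input length, like strcpy() into the buffer. */
static void copy_unchecked(struct frame *f, const char *in) {
    size_t n = strlen(in);
    if (n > sizeof f->mem)
        n = sizeof f->mem;           /* cap only to keep the model in bounds */
    memcpy(f->mem, in, n);
}

/* Checked copy: rejects input that does not fit with its terminator. */
static int copy_checked(struct frame *f, const char *in) {
    size_t n = strlen(in);
    if (n >= BUF_SIZE)
        return -1;                   /* nothing is written on rejection */
    memcpy(f->mem, in, n + 1);
    return 0;
}

/* Returns the flag value after copying `in` into a fresh, zeroed frame. */
int flag_after(const char *in, int checked) {
    struct frame f;
    memset(f.mem, 0, sizeof f.mem);
    if (checked)
        (void)copy_checked(&f, in);
    else
        copy_unchecked(&f, in);
    return flag_set(&f);
}

int main(void) {
    printf("short input, unchecked: flag=%d\n", flag_after("alice", 0));
    printf("long input,  unchecked: flag=%d\n", flag_after("AAAAAAAAA", 0));
    printf("long input,  checked:   flag=%d\n", flag_after("AAAAAAAAA", 1));
    return 0;
}
```

The program never assigns the flag, yet the nine-byte input changes it through the unchecked copy; the length check leaves it untouched.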

Buffer overflows based on heap exploitation work in an entirely different manner. Heaps are dynamically allocated regions of memory and typically contain program data. Heap-based exploitation overwrites internal program structures, such as linked list pointers.

This method overwrites the linkage to the next instruction and hence ends up overwriting the program function pointer.

