Buffer_Overflows2008

Buffer_Overflows2008 - Buffer Overflows Importance of...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
Buffer Overflows
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Importance of Buffer overflows Buffer overflows are the most common form of security threat in software systems today, and vulnerabilities attributed to buffer overflows have consistently dominated CERT advisories. In the year 2002, 57% of security advisories for the year were related to buffer overflow vulnerabilities. As of August 2003, 50% of the security advisories issued for the year fell under this category. In addition, 50% of the 60 most severe vulnerabilities as posted on CERT/CC were caused by buffer overflow errors in programs. A similar pattern is also observable in vulnerabilities listings posted on computer security websites, such as SecurityFocus and Securiteam. Computer worms such as Slammer, CodeRed, and more recently, Blaster and Welchia have exploited buffer overflow vulnerabilitiesin programs to inflict billions of dollars worthof damages on the computing community.
Background image of page 2
An example in code is as follows: void func(void) { int i; char buffer[256]; // * for(i=0;i<512;i++) buffer[i]='A'; // ! return; } The 'buffer' gets filled with 256 'A's, followed by 256 more that just don't fit. The rest of those 'A's have to go somewhere .
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
What It Looks Like Sure the error is somewhat generic looking, but look a little closer at some of those values suggests the possibility of a BO…
Background image of page 4
Bit of history In 1988 Morris released a program which succeeded in infecting thousands of Unix hosts on the Internet. One of the methods Morris used to gain access to a vulnerable system was a buffer overflow bug in the fingerd daemon. Once it gained access to a vulnerable system, Morris's program installed itself on the machine, and used several methods to attempt to spread itself to other machines. The original intent of Morris was to spread to other systems relatively slowly and undetected, without causing a significant disruption on any of the affected machines. R. Morris
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
History Buffer Overflows have been around since the very beginnings of the Von-Neuman architecture. They first gained widespread notoriety in 1988 with the Morris Internet worm. From 1988 to 1996 the number of buffer overflow attacks remained relatively low. In 1995, Thomas Lopatic independently rediscovered the buffer overflow and published his findings on the Bugtraq security mailing list. Then everyhting changed dramatically in 1996 when Levy published a very well written paper which simultaneously showed that it was very likely that many programs harbored buffer overflow vulnerabilities, and also demonstrated techniques of constructing buffer overflow attacks. "Smashing the Stack for Fun and Profit" , by Aleph One.
Background image of page 6
Phrack 49 Volume Seven, Issue Forty-Nine File 14 of 16 BugTraq, r00t, and Underground.Org bring you XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Smashing The Stack For Fun And Profit XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX by Aleph One [email protected] [1]
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
How to make a buffer overflow A buffer overflow occurs when something
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 05/12/2008 for the course EPP 19601 taught by Professor Morel during the Spring '08 term at Carnegie Mellon.

Page1 / 35

Buffer_Overflows2008 - Buffer Overflows Importance of...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online