A Buffer Overflow Study: Attacks & Defenses
A technical overview of heap and buffer overflows, Linux tools that can be used to reduce their risk, the kinds of exploits these tools can prevent, and more. "This study deals with the various kinds of overflows (heap, stack) to understand how they work and how they may be used to execute malicious code; then it focuses on a few Linux solutions (Grsecurity features, Libsafe...), and explains how they behave, which kinds of exploits they prevent respectively...
It aims at presenting an overview of generic solutions which may be applied to a whole system, although it is a non-exhaustive one."
On november 2, 1988 a new form of threat appeared with the Morris Worm, also known as the Internet Worm. This famous event caused heavy damages on the internet, by using two common unix programs, sendmail and fingerd. This was possible by exploiting a buffer overflow in fingerd. This is probably one of the most outstanding attacks based on buffer overflows.
This kind of vulnerability has been found on largely spread and used daemons such as bind, wu-ftpd, or various telnetd implementations, as well as on applications such as Oracle or MS Outlook Express...
- Thu, 2013-05-16 23:10
- Thu, 2013-05-16 03:04
- Thu, 2013-05-16 02:45