
'Buffer overflows' pose computer security threat, experts say

posted on December 23, 2001
by hitbsecnews

Source: The Nando Times

L33tdawg: A buffer overflow is a security risk... you don't say! I bet even a freshie systems administrator would be able to tell you that!

Dumping too much data into a predefined area of computer memory is not unlike pouring too much water into a bucket or flushing too much tissue down a toilet. There are overflows - and the results can be very messy.

A "buffer overflow" made public Thursday in Microsoft Corp.'s Windows XP, for instance, could allow hackers to take over a computer and erase disks, alter data and install their own programs.

But buffer overflows are not limited to Microsoft, though the ubiquity of its products makes them an enticing target. At least half of vulnerabilities found in operating systems are due to buffer overflows, experts say.

They occur when software is programmed to accept information but is not given the ability to validate or limit it. That allows hackers to send commands that an operating system is not expecting but that end up in a computer's memory and are executed.

"You reprogram to replace the commands and instructions the computer is expecting with commands of your own," said Joe Bertnick, director of security solutions at BindView Corp.

In the case of Windows XP, security experts at eEye Digital Security Inc. found an "unchecked" buffer in the Universal Plug and Play software service, which is used to detect and link to devices on a network.

Because the service runs with administrator rights, a hacker could send it messages with malicious code and take over control of the whole computer.
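The "unchecked" buffer described above, next to a version that validates and limits its input, as an added example that is not from the article or from any vendor's code. The message layout, buffer size and function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16   /* constructed size of the fixed buffer */

/* Constructed message layout: msg[0] = sender-declared length of the
 * name, msg[1..] = the name bytes. */

/* Unchecked: trusts the declared length. A value of 16 or more writes
 * past the end of dst. Shown for contrast only; never called here. */
void read_name_unchecked(const unsigned char *msg, char dst[NAME_MAX_LEN])
{
    memcpy(dst, msg + 1, msg[0]);
    dst[msg[0]] = '\0';
}

/* Checked: validates the declared length against both the bytes that
 * actually arrived and the destination size. 0 = ok, -1 = rejected. */
int read_name_checked(const unsigned char *msg, size_t msg_len,
                      char *dst, size_t dst_size)
{
    if (msg == NULL || dst == NULL || msg_len < 1 || dst_size == 0)
        return -1;
    size_t declared = msg[0];
    if (declared > msg_len - 1)   /* claims more data than was received */
        return -1;
    if (declared >= dst_size)     /* would not fit with the NUL byte */
        return -1;
    memcpy(dst, msg + 1, declared);
    dst[declared] = '\0';
    return 0;
}

int main(void)
{
    char name[NAME_MAX_LEN];
    unsigned char ok[] = { 7, 'p', 'r', 'i', 'n', 't', 'e', 'r' };
    unsigned char big[41] = { 40 };           /* 40 bytes into 16: too long */
    unsigned char lying[] = { 12, 'a', 'b' }; /* declares 12, carries 2 */

    printf("ok=%d big=%d lying=%d\n",
           read_name_checked(ok, sizeof ok, name, sizeof name),
           read_name_checked(big, sizeof big, name, sizeof name),
           read_name_checked(lying, sizeof lying, name, sizeof name));
    return 0;
}
```

The checked version rejects oversized input outright rather than truncating it, so a malformed message never reaches the code that acts on the field.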
