Preventing Buffer Overflow Exploits, Part 1

Internet servers, including Web, e-mail, and FTP servers, have long been a target of attacks that aim to stop them from providing services to their users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit. While writing the exploit requires arcane and detailed knowledge of assembly language and, in some cases, operating system interface details, once someone has coded an exploit and published it, anyone can use it. These exploits can yield interactive command shells on UNIX and Linux systems and the ability to upload and execute arbitrary programs on Windows systems.

To answer the need for advanced security features for Linux servers, the Open Systems Lab at the Ericsson Research Corporate Unit in Montreal, Canada, started the Distributed Security Infrastructure project (DSI) to design and develop a secure infrastructure that provides advanced security mechanisms for telecom applications running on carrier grade Linux servers. One of the goals of DSI is to prevent attacks coming from the Internet and Intranet, including buffer overflow exploits, denial of service attacks, and other types of attacks and exploits.

This article describes the buffer overflow exploit and provides detailed examples to help understand it. A subsequent article will discuss solutions to prevent such exploits and look in detail at the DSM. Please note that the examples provided are for illustration purposes, and we are not by any means publicizing how to exploit systems. The very simple examples aim to better explain the nature of the exploits and how to prevent them.

Buffer Overflow Exploits

A buffer overflow occurs when a program or a process tries to store more data in a buffer than the buffer is intended to hold. Since buffers are created to contain a finite amount of data, the extra information has to go somewhere, and it can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
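The following C program is an added illustration, not code from the original article. It models two adjacent 8-byte buffers inside one array and compares a store that never checks the input length with one that does; all names (`region`, `store_unchecked`, `store_checked`, `neighbour_intact`) and the sample input are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8

/* Two adjacent 8-byte buffers modelled inside one array, so the spill
   stays within a single object and the demo is well-defined C. */
struct region { char mem[2 * BUF_SIZE]; };

static char *input_buf(struct region *r) { return r->mem; }
static char *role_buf(struct region *r)  { return r->mem + BUF_SIZE; }

static void region_init(struct region *r) {
    memset(r->mem, 0, sizeof r->mem);
    strcpy(role_buf(r), "guest");      /* valid data next to the input buffer */
}

/* Unchecked store: never compares len with BUF_SIZE. The clamp to the whole
   region exists only to keep this demonstration inside its own array. */
static void store_unchecked(struct region *r, const char *src, size_t len) {
    if (len > sizeof r->mem) len = sizeof r->mem;
    memcpy(input_buf(r), src, len);
}

/* Checked store: rejects input that does not fit, leaving room for the NUL. */
static int store_checked(struct region *r, const char *src, size_t len) {
    if (len >= BUF_SIZE) return -1;
    memcpy(input_buf(r), src, len);
    input_buf(r)[len] = '\0';
    return 0;
}

/* Returns 1 if the adjacent buffer still holds "guest" after the store. */
static int neighbour_intact(int checked, const char *src) {
    struct region r;
    region_init(&r);
    if (checked) (void)store_checked(&r, src, strlen(src));
    else store_unchecked(&r, src, strlen(src));
    return strcmp(role_buf(&r), "guest") == 0;
}

int main(void) {
    const char *oversized = "AAAAAAAAAAAA";   /* constructed 12-byte input */
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(0, oversized));
    printf("checked:   neighbour intact = %d\n", neighbour_intact(1, oversized));
    return 0;
}
```

With the 12-byte input, the unchecked store overwrites the first four bytes of the neighbouring buffer, while the checked store refuses the input and leaves the neighbour untouched.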

Although it may occur accidentally through a programming error, buffer overflow is an increasingly common type of security exploit against data integrity. In a buffer overflow exploit scenario, the extra data may contain code designed to trigger specific actions, such as sending new instructions to the attacked server that could, for instance, damage users’ files, change data, or disclose confidential information.

To prevent buffer overflow exploits, it is necessary to understand how they occur. If the buffer overflow is a result of an accidental misuse of the vulnerable program, then the program will simply crash. However, if the exploit is the work of a malicious attack, then the consequences can be more severe.

This article was originally published on LinuxPlanet.
