Buffer overflow bugs are frequently security vulnerabilities. A program which takes advantage of a vulnerability to subvert another program's security is called an exploit. A buffer overflow exploit works by feeding the program with specially crafted content designed to change the data that follows the buffer in memory. Buffer overflows are most easily exploited when the buffer is in the program stack, since this can lead directly to an alteration of the program's execution path.
Determining the exploitability of a buffer overflow vulnerability can be difficult even for experienced programmers, since it involves a lot of high and low level knowledge of the architecture internals and the target program. Overflows of as little as a single byte beyond the end of a buffer have proved to be exploitable.
Generally, the buffer overflow problem is caused by careless programming. Avoiding them is still a manual process as most formal verification[?] systems have yet proven unattainable in modern programming languages.
Buffer overflows are common only in programs written in relatively low-level programming languages, such as assembly language, C and C++. Many programming languages use a combination of run time checking and static analysis to make it difficult or impossible to code a buffer overflow bug. However, runtime systems and libraries for such languages may occasionally have buffer overflows.
|
See This slashdot link (http://slashdot.org/search.pl?query=openbsd&op=stories&author=&tid=§ion=bsd&sort=1) for a remarkably loyal coverage of open bsd's progress.
In 1989, the Morris worm used a buffer overflow in a Unix program called finger to propagate itself over the Internet. Even after this incident, buffer overflows were virtually ignored as security issue by the public. Later, in 1995, Thomas Lopatic[?] independently reinvented the buffer overflow and published his findings on the Bugtraq security mailing list, which caused a wave of new security relevant buffer overflows to be found.
See also: computer security, shellcodes and some tutorials on http://www.phrack.org
Search Encyclopedia
|
Featured Article
|