What is Buffer Overflow Attack?


An Introduction to Buffer Overflow

Definition

Types

  • Stack-based buffer overflows: Target the stack memory.
  • Heap-based attacks: Target the open memory pools called heaps.
  • Unicode overflow: Uses Unicode as input to flood memory.
  • Integer overflow attacks: Use arithmetic operations that result in integers larger than the integer capacity to orchestrate attacks.

Consequences

  • Application crashes and other types of attacks can make the application unavailable.
  • Arbitrary code execution triggering undesirable application behavior and actions.
  • Unauthorized access to the application or data
  • Subversion of security systems in place

Buffer Overflow Vulnerabilities: How Do They Work?

How do Attackers Orchestrate Buffer Overflow Attacks?

Causes

Secure Coding and Development Practices

  • Choose languages with built-in protection mechanisms, such as C#, Java, JavaScript, Perl, and so on.
  • If using C/C++, avoid standard library functions that do not perform bounds checks.
  • Use special security procedures in the code to minimize the likelihood of buffer overflow vulnerabilities.
  • Review all custom code and all code in the application that accepts user input via HTTP requests.
  • Ensure that all inputs are size- and bounds-checked.
  • Proactively identify and fix coding errors.
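The bounds-check and input-size advice in the list above, as an added C example that is not from the original article. The field size `NAME_MAX_LEN` and all function names are hypothetical; the example goes slightly beyond the list by also checking size arithmetic, which relates to the integer overflow type named earlier.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16  /* hypothetical field size chosen for this example */

/* Unsafe pattern, shown for contrast and never called below: strcpy()
 * does not know how big dst is, so a long src is written past its end. */
void set_name_unchecked(char dst[NAME_MAX_LEN], const char *src)
{
    strcpy(dst, src);
}

/* Checked version: the caller states the destination size and input that
 * does not fit is rejected rather than silently truncated.
 * Returns 0 on success, -1 on rejection (dst is left as an empty string). */
int set_name_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    const char *end = memchr(src, '\0', dst_size); /* scan at most dst_size bytes */
    if (end == NULL)                               /* no room for the terminator */
        return -1;
    memcpy(dst, src, (size_t)(end - src) + 1);     /* copy includes the '\0' */
    return 0;
}

/* Size check for count * item_size, so an integer overflow cannot yield
 * a small buffer size that is later filled using the large count. */
int checked_total(size_t count, size_t item_size, size_t *total)
{
    if (item_size != 0 && count > SIZE_MAX / item_size)
        return -1;
    *total = count * item_size;
    return 0;
}

int main(void)
{
    char name[NAME_MAX_LEN];
    const char *inputs[] = { "alice", "exactly15chars!", "this input is far too long" }; /* constructed samples */
    for (size_t i = 0; i < 3; i++)
        printf("%-28s -> %d\n", inputs[i], set_name_checked(name, sizeof name, inputs[i]));
    return 0;
}
```

Rejecting oversized input instead of truncating it keeps the failure visible to the caller, which can then log or refuse the request.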

Runtime Protection

  • Structured Exception Handler Overwrite Protection (SEHOP): The Structured Exception Handler (SEH) is a built-in system that helps handle software and hardware exceptions. SEHOP enables businesses to prevent attackers from overwriting and attacking the SEH.
  • Address Space Layout Randomization (ASLR): ASLR randomly moves around the address spaces of data locations. Without knowledge of where the executable code exists, it is nearly impossible to execute buffer overflow attacks.
  • Data Execution Prevention: Memory regions are marked as either executable or non-executable, which prevents attackers from executing malicious code in non-executable areas.

Conclusion
