The buffer overflow attack was discovered in piracy circles. Uses entries for a badly implemented application, but (intentionally) completely harmless, usually with root / admin privileges. The buffer overflow attack is the result of an entry that is longer than the one implemented. To understand their inner workings, we need to talk a little about how computers use memory.
In computer security and programming, a buffer overflow or buffer overflow is an anomaly in which a program, when writing data to a buffer, overrides the buffer limit and overwrites the adjacent memory locations.
Buffers are memory areas reserved for storing data, often when moving from one section of a program to another, or between programs. Often, buffer overflows can be triggered by malformed inputs; if it is assumed that all entries will be less than a certain size and the buffer is created to be that size, then an abnormal transaction that produces more data could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this can result in erratic program behavior, including memory access errors, incorrect results, and failures.
Exploiting the behavior of a buffer overflow is a well-known security vulnerability. In many systems, the memory design of a program, or the system as a whole, is well defined. When sending data designed to cause a buffer overflow, it is possible to write to known areas that contain executable code and replace it with malicious code. Buffers are widespread in operating system (OS) code, so it is possible to perform attacks that escalate privileges and gain unlimited access to computer resources. The famous Morris worm used this as one of their attack techniques.
Programming languages commonly associated with buffer overflows include C and C ++, which do not provide built-in protection against access or overwrite of data in any part of memory and do not automatically check that data written to an array of built-in buffer) the boundaries of that array. Limit checking can prevent buffer overflows, but requires additional code and processing time. Modern operating systems use a variety of techniques to combat malicious buffer overflows, especially by randomising memory design or by deliberately leaving space between buffers and searching for actions that write in those areas.