25-08-2017, 09:32 PM
Buffer Overflow Attacks
Buffer overflow.pdf (Size: 5.38 MB / Downloads: 89)
Introduction
Buffer overflows. In most information technology circles these days, the term
buffer overflows has become synonymous with vulnerabilities or in some cases,
exploits. It is not only a scary word that can keep you up at night wondering if
you purchased the best firewalls, configured your new host-based intrusion prevention
system correctly, and have patched your entire environment, but can
enter the security water-cooler discussions faster than McAfee’s new wicked
anti-virus software or Symantec’s latest acquisition. Buffer overflows are proof
that the computer science, or software programming, community still does not
have an understanding (or, more importantly, firm knowledge) of how to design,
create, and implement secure code.
The Challenge of Software Security
Software engineering is an extremely difficult task and of all software creation-related
professions, software architects have quite possibly the most difficult task.
Initially, software architects were only responsible for the high-level design of
the products. More often than not this included protocol selection, third-party
component evaluation and selection, and communication medium selection. We
make no argument here that these are all valuable and necessary objectives for
any architect, but today the job is much more difficult. It requires an intimate
knowledge of operating systems, software languages, and their inherent advantages
and disadvantages in regards to different platforms. Additionally, software
architects face increasing pressure to design flexible software that is impenetrable
to wily hackers, a near-impossible feat in itself.
Microsoft Software Is Not Bug Free
Surprise, surprise. Another Microsoft software application has been identified
with another software vulnerability. Okay, I’m not on the “bash Microsoft”
bandwagon. All things considered, I’d say they have a grasp on security vulnerabilities
and have done an excellent job at remedying vulnerabilities before production
release. As a deep vulnerability and security researcher that has been in
the field for quite some time, I can say that it is the most sought-after type of
vulnerability. Name recognition comes with finding Microsoft vulnerabilities for
the simple fact that numerous Microsoft products are market leading and have a
tremendous user base. Finding a vulnerability in Mike Spice CGI (yes, this is
real) that may have 100 implementations is peanuts compared to finding a hole
in Windows XP, given it has tens of millions of users. The target base has been
increased by magnitudes.
The Increase in Buffer Overflows
Contrary to popular belief, it is nearly impossible to determine if vulnerabilities
are being identified and released at an increasing or decreasing rate. One factor
may be that it is increasingly difficult to define and document vulnerabilities.
Mitre’s CVE project lapsed in categorizing vulnerabilities for over a nine-month
stretch between the years 2003 and 2004. With this said, if you were to look at
the sample statistics provided by Mitre on the number of vulnerabilities released,
it would lead you to believe that vulnerabilities are actually decreasing. As seen
by the data in Table 1.2, it appears that the number of vulnerabilities is
decreasing by a couple hundred entries per year.
Definitions
One of the most daunting tasks for any security professional is to stay on top of
the latest terms, slang, and definitions that drive new products, technologies, and
services. While most of the slang is generated these days online via chat sessions,
specifically IRC, it is also being passed around in white papers, conference discussions,
and just by word of mouth. Since buffer overflows will dive into code,
complex computer and software topics, and techniques for automating exploitation,
we felt it necessary to document some of the most common terms just to
ensure that everyone is on the same page.