A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
In Simple words, Buffer overflow attacks involve sending overly long input streams to the attacked server, causing the server to overflow parts of the memory and either crash the system or execute the attacker's arbitrary code as if it was part of the server's code. The result is full server compromise or Denial of Service.
Example :
Consider a simple example in which the user is required to enter a address. The programmer might assume that users will not enter a address longer than 100 characters. Based on that assumption, the programmer might write the code to allocate a 150-character buffer to contain the returned input. But what would happen if the user returns an input that is 5000 characters long? Obviously, the allocated buffer would be too small to contain all the input. But the real question is what would the server do with the remaining 4,985 characters? Due to the specific structure of the server's memory, the remaining characters will run over important parts of the application and could cause the system to actually execute parts of the input as if they were legitimate parts of the application code. Carefully crafted inputs can execute arbitrary commands on the server, usually with high permissions. Not so carefully crafted inputs can cause the server to crash while trying to execute meaningless input.
In Simple words, Buffer overflow attacks involve sending overly long input streams to the attacked server, causing the server to overflow parts of the memory and either crash the system or execute the attacker's arbitrary code as if it was part of the server's code. The result is full server compromise or Denial of Service.
Example :
Consider a simple example in which the user is required to enter a address. The programmer might assume that users will not enter a address longer than 100 characters. Based on that assumption, the programmer might write the code to allocate a 150-character buffer to contain the returned input. But what would happen if the user returns an input that is 5000 characters long? Obviously, the allocated buffer would be too small to contain all the input. But the real question is what would the server do with the remaining 4,985 characters? Due to the specific structure of the server's memory, the remaining characters will run over important parts of the application and could cause the system to actually execute parts of the input as if they were legitimate parts of the application code. Carefully crafted inputs can execute arbitrary commands on the server, usually with high permissions. Not so carefully crafted inputs can cause the server to crash while trying to execute meaningless input.
