Buffer overflows
How they are able to execute arbitrary
code on your computer remotely.
Introduction
What is a buffer overflow?
* A major vulnerability in computing.
* It is only one class of attack.
* There are many more classes of attacks.
* Why it is so popular.
How it comes to exist in a software system:
- Lack of software testing.
- Weak personnel.
- Two different minds.
It’s Not Your Computer Anymore!
WHAT?
What kinds of things can a buffer overflow do?
- Execute arbitrary code.
- Alter the program's logic flow.
- Crash the host program.
^ This leads to DDoS.
- Breach system security.
- [At worst] bypass kernel security.
How It Works!
Stack overflow is only one subtype of the whole
class of buffer overflows.
Ex - Stack overflow.
- x86 machines use a stack.
- How local variables are stored.
- How the return address is stored.
- Insufficient bounds checking.
- So now it's not magic.
Targets Affected
- From calculators to satellites. There are
example stories from history.
- Microsoft Windows OS.
- Microsoft GDI+ vulnerability
link:
- OSes on the x86 computer architecture.
[Linux, BeOS, MacOS, etc.]
- Web servers.
[Apache, IIS]
Examples - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010
http://www.cert.org/advisories/CA-2003-09.html
- Mobile phones and embedded software.
- Most top-secured places.
[ CIA, Pentagon, NSF are already hackzored ! :P ]
- Routers and protocol stacks.
- From car computers to far-away satellites.
Fighting Back Against
- There is nothing called absolute security.
But there are things that lower the possibility.
- Automatic static code analysis tools.
Ex - http://www.klocwork.com/products/insight/klocwork-truepath/index.php
- Libraries and compiler extensions.
Ex - StackGuard from USENIX Security.
GCC Stack-Smashing Protector.
Microsoft Visual Studio /GS option.
IBM -qstackprotect option.
StackGhost. [static, but uses the help of hardware]
- Dynamic runtime code analysis tools, like ZoneAlarm.
- Dynamic level.
Dynamic-level protection depends on the hardware implementation.
- Data Execution Prevention bit.
- Hardware-based bounds checking.
- Segmented protection.
- External protection like antivirus servers, IDS firewalls, NAT, DMZ zones, etc.
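Added example (not part of the original slides): a safe model of the "How It Works" slide and of the stack-protector item above, showing a copy without bounds checking reaching the saved return address, a canary check catching it, and a bounds check refusing the input. The frame layout, canary value, return address and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed model of one stack frame, from low to high address:
 * [ buf: 16 bytes ][ canary: 8 bytes ][ saved return address: 8 bytes ].
 * A flat array keeps the demonstration itself inside its own bounds. */
enum { BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24, FRAME_LEN = 32 };
#define CANARY   0x00a5c3e1d2b4f697ULL /* constructed; real canaries are random */
#define RET_ADDR 0x0000000000401136ULL /* constructed caller address */
enum result { OK, REJECTED, CANARY_SMASHED, RET_HIJACKED };

static void frame_init(unsigned char *f) {
    uint64_t c = CANARY, r = RET_ADDR;
    memset(f, 0, FRAME_LEN);
    memcpy(f + CANARY_OFF, &c, sizeof c);
    memcpy(f + RET_OFF, &r, sizeof r);
}

/* Function epilogue: a stack protector checks the canary before returning. */
static enum result frame_return(const unsigned char *f, int protector) {
    uint64_t c, r;
    memcpy(&c, f + CANARY_OFF, sizeof c);
    memcpy(&r, f + RET_OFF, sizeof r);
    if (protector && c != CANARY) return CANARY_SMASHED; /* abort, never return */
    return r == RET_ADDR ? OK : RET_HIJACKED;
}

/* Insufficient bounds checking: n is never compared with BUF_LEN. */
enum result copy_unchecked(const unsigned char *in, size_t n, int protector) {
    unsigned char f[FRAME_LEN];
    frame_init(f);
    memcpy(f, in, n < FRAME_LEN ? n : FRAME_LEN); /* cap keeps the model itself safe */
    return frame_return(f, protector);
}

/* Bounds-checked version: input that does not fit in buf is refused. */
enum result copy_checked(const unsigned char *in, size_t n) {
    unsigned char f[FRAME_LEN];
    if (n > BUF_LEN) return REJECTED;
    frame_init(f);
    memcpy(f, in, n);
    return frame_return(f, 0);
}

int main(void) {
    const unsigned char in[FRAME_LEN + 1] = "AAAAAAAAAAAAAAAA" "AAAAAAAAAAAAAAAA";
    printf("fits=%d overflow=%d protected=%d checked=%d\n", copy_unchecked(in, 12, 0),
           copy_unchecked(in, 32, 0), copy_unchecked(in, 32, 1), copy_checked(in, 32));
}
```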
Finally
• Final conclusion.
No matter what security we invoke or enforce, our
software/hardware and computers are still vulnerable to buffer
overflows. The best way to prevent them is to code very carefully. Go
through more code reviews. Computing is a hostile environment!
“I never travel on a plane if the plane's automatic control electronics use
the software that I have written!”
-- James Gosling [author of the Java
programming language and chief software
architect of Sun Microsystems]
Thanks.