Deck 10: Buffer Overflow

The potential for a buffer overflow exists anywhere that data is copied
or merged into a buffer,where at least some of the data are read from
outside the program.

Buffer overflow exploits are no longer a major source of concern to
security practitioners.

Shellcode is not specific to a particular processor architecture.

Stack buffer overflow attacks were first seen in the Aleph One Worm.

Shellcode must be able to run no matter where in memory it is
located.

An attacker can generally determine in advance exactly where the
targeted buffer will be located in the stack frame of the function in
which it is defined.

At the basic machine level,all of the data manipulated by machine
instructions executed by the computer processor are stored in either the processor's registers or in memory.

To exploit any type of buffer overflow the attacker needs to identify a
buffer overflow vulnerability in some program that can be triggered
using externally sourced data under the attackers control.

Buffer overflows can be found in a wide variety of programs,
processing a range of different input,and with a variety of possible
responses.

Even though it is a high-level programming language,Java still suffers
from buffer overflows because it permits more data to be saved into a buffer than it has space for.

Buffer overflow attacks are one of the most common attacks seen.

A buffer overflow error is not likely to lead to eventual program
termination.

A stack overflow can result in some form of a denial-of-service attack
on a system.

There are several generic restrictions on the content of shellcode.

Data is simply an array of _________ .

__________ defenses aim to harden programs to resist attacks in new programs.

A ___________ overflow occurs when the targeted buffer is located on the stack,usually as a local variable in a function's stack frame.

A __________ can occur as a result of a programming error when a process attempts to store data beyond the limits of a fixed-size buffer and consequently overwrites adjacent memory locations.

Shellcode has to be __________,which means it cannot contain any absolute address referring to itself.

__________ defenses aim to detect and abort attacks in existing programs.

A _________ value is named after the miner's bird used to detect poisonous air in a mine and warn miners in time for them to escape.

"Smashing the Stack for Fun and Profit" was a step by step introduction to exploiting stack-based buffer overflow vulnerabilities that was published in Phrack magazine by _________ .

An essential component of many buffer overflow attacks is the transfer of execution to code supplied by the attacker and often saved in the buffer being overflowed.This code is known as _________ .

The __________ project produces a free,multiplatform 4.4BSD-based UNIX-like operating system.

__________ is one of the best known protection mechanisms that is a GCC compiler extension that inserts additional function entry and exit code.

_________ attacks can occur in a binary buffer copy when the programmer has included code to check the number of bytes being transferred,but due to a coding error,allows just one more byte to be copied than there is space available.

The _________ is typically located above the program code and global data and grows up in memory (while the sack grows down toward it).

In the classic __________ overflow,the attacker overwrites a buffer located in the local variable area of a stack frame and then overwrites the saved frame pointer and return address.

Gaps,or __________ ,are flagged in the MMU as illegal addresses,and any attempt to access them results in the process being aborted.