Home SecurityApplication Security What is a buffer overflow? How hackers exploit these vulnerabilities

What is a buffer overflow? How hackers exploit these vulnerabilities

by ethhack

Buffer overflow definition

A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This causes data to overflow to adjacent memory space, overwriting the information there, which often leads to crashes and exploitable conditions.

Buffer overflows are one of the oldest and most common causes for arbitrary code execution vulnerabilities, and applications written in programming languages like C and C++ are more prone to such coding mistakes than other languages. To avoid them, the developer community has developed secure coding practices and major software vendors have adopted them as part of their secure development life cycles.

Buffer overflow vulnerabilities on the rise

In September 2019, The MITRE Corporation, which maintains the Common Weakness Enumeration (CWE) catalog, published a list of the top 25 types of software vulnerabilities. The top rank went to CWE-119 or “Improper Restriction of Operations within the Bounds of a Memory Buffer,” a larger class of buffer handling errors that includes buffer overflows and out-of-bound reads.

The fact that buffer overflows still rank at the top after many years of efforts to eliminate them from computer software is somewhat surprising. However, this is the first time MITRE updated the top 25 weaknesses list since 2011 and the ranking is based on a new scoring formula that combines the frequency of vulnerabilities in the National Vulnerabilities Database (NVD) observed over 2017 and 2018 with their average severity scores. So, the list reflects the overall risk associated with certain types of weaknesses based on both prevalence and the danger they pose.

Another reason why buffer overflows are back in the spotlight might be the rise of internet-of-things (IoT) devices, which, based on research over the past few years, have exhibited poor code quality compared to modern desktop applications from established vendors. The firmware of embedded systems has historically been riddled with buffer overflow issues and that hasn’t improved much over the years because those obscure code bases don’t typically get major overhauls. What has changed is the growing number of such devices on the internet, on business networks and inside households.

Buffer overflow attack examples

Buffer overflows typically have a high severity ranking because they can lead to unauthorized code execution in cases where attackers can control the overwritten memory space outside the targeted buffer and can redirect a function pointer to their malicious code.

Copyright © 2020 IDG Communications, Inc.

Source link

Related Articles

Leave a Comment