Advertise Here

Author Topic: Buffer overflow/load information [Learn]  (Read 7541 times)

0 Members and 1 Guest are viewing this topic.

Offline zilchuary

  • SMF For Free Newbie
  • *
  • Posts: 16
    • View Profile

  • Total Badges: 10
    Badges: (View All)
    Topic Starter Combination Level 2 Level 1 10 Posts
Buffer overflow/load information [Learn]
« on: July 09, 2008, 12:35:04 pm »
Okay, i thought about this section of the forums, it is not really useful with the help, tutorials ect.
so i will post something helpful and hopefully it will help you all.

Step 1 Learning.
What is the Java buffer overflow/load?

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Step 2 Discoverer
Who/how did they discover the Java buffer overflow and when?
In July 2000, a vulnerability to buffer overflow attack was discovered in Microsoft Outlook and Outlook Express. A programming flaw made it possible for an attacker to compromise the integrity of the target computer by simply it sending an e-mail message. Unlike the typical e-mail virus, users could not protect themselves by not opening attached files; in fact, the user did not even have to open the message to enable the attack. The programs' message header mechanisms had a defect that made it possible for senders to overflow the area with extraneous data, which allowed them to execute whatever type of code they desired on the recipient's computers. Because the process was activated as soon as the recipient downloaded the message from the server, this type of buffer overflow attack was very difficult to defend. Microsoft has since created a patch to eliminate the vulnerability.

I hope i helped out.

 

Related Topics

  Subject / Started by Replies Last post
3 Replies
3222 Views
Last post June 04, 2008, 11:26:18 pm
by guest4485
2 Replies
2639 Views
Last post May 24, 2008, 04:28:11 am
by carpaddict13
0 Replies
4459 Views
Last post June 11, 2009, 10:00:39 pm
by Mdog
3 Replies
1284 Views
Last post October 08, 2009, 11:29:39 am
by LaundryLady
3 Replies
952 Views
Last post November 21, 2009, 10:10:12 am
by simply sibyl