Buffer overflow vulnerability

CAPEC-100 OWASP 2017-A9 OWASP 2013-A9 CWE-119 WASC-7 WSTG-INPV-13

In data security and programming, a buffer overflow or buffer overrun is an anomaly found an application due to which a program while writing information to a buffer, overruns the buffer’s boundary. The buffer is the temporary storage allocated to an application to store data. The application overwrites the adjacent memory locations. There are many web application, the programs are stored in an undersized stack buffer. The attacker can send data to the programs and he can overwrite the information on the stack, including the function’s return pointer. An attacker uses the buffer overflow attack to corrupt the execution stack of the victim server. The applications that use the graphics library to render images are vulnerable to this vulnerability. The applications that use interpreters like Java and python are immune to buffer overflow attack.

There are two types of buffer overflow attack:-

  • Heap-based buffer overflow
  • Stack-based buffer overflow

In heap-based buffer overflow attack, the attacker floods the server’s memory to hang the execution of the programs. This type of buffer overflow is least used among attacks. The stack-based buffer overflow is commonly used among attacks to attack a server. In this type of buffer overflow attack, the application calls the stack outside the intended data structure. This cause the program to use more memory than the allocated space. Using stack-based buffer overflow attack, the attacker can also perform stack smashing attack.

Impact

Using this vulnerability, an attacker can:-

  • crash the application by overloading the buffering.
  • explicitly execute any malicious code outside the application’s scope.
  • execute denial of service attack.

Mitigation / Precaution

Beagle recommends the following fixes:-

  • Try to keep up with the latest bug reports for the web application server products and other products in the Internet infrastructure.
  • Periodically scan the web application for buffer overflow vulnerability.
  • Apply the latest patches to all the products in the server.

Latest Articles