stack buffer overflow
stack overflow

This caused a stack buffer overflow, allowing arbitrary code to be run on an unmodified system.

Over the years a number of schemes have been developed to inhibit malicious stack buffer overflow exploitation.

While this method definitely makes the canonical approach to stack buffer overflow exploitation fail, it is not without its problems.

For this reason, this is the technique most commonly used in Internet worms that exploit stack buffer overflow vulnerabilities.

Prevent the execution of malicious code from the stack without directly detecting the stack buffer overflow.

In an actual stack buffer overflow exploit the string of "A"'s would instead be shellcode suitable to the platform and desired function.

Detect that a stack buffer overflow has occurred and thus prevent redirection of the instruction pointer to malicious code.

A NOP-sled is the oldest and most widely known technique for successfully exploiting a stack buffer overflow.

A common type of storage violation is known as a stack buffer overflow where a program attempts to alter a memory location beyond its allocated memory.

Within the topic of stack buffer overflows, an often discussed but rarely seen architecture is one in which the stack grows in the opposite direction.

The Morris worm spread in part by exploiting a stack buffer overflow in the Unix finger server.

A number of platforms have subtle differences in their implementation of the call stack that can affect the way a stack buffer overflow exploit will work.

Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than there was actually allocated for that buffer.

Stack canaries, named for their analogy to a canary in a coal mine, are used to detect a stack buffer overflow before execution of malicious code can occur.

The Witty worm spread by exploiting a stack buffer overflow in the Internet Security Systems BlackICE Desktop Agent.

Features significantly increased with 11i v2, with the addition of kernel-based intrusion detection, strong random number generation, stack buffer overflow protection, security partitioning, role-based access management, and various open-source security tools.

Smashing The Stack For Fun And Profit by Aleph One, published in issue 49, is the "classic paper" on stack buffer overflows, partly responsible for popularizing the vulnerability.

At most this means that growing the stack in the opposite direction will change some details of how stack buffer overflows are exploitable, but it will not reduce significantly the number of exploitable bugs.

A recursive function that terminates in theory but causes a call stack buffer overflow in practice can be fixed by transforming the recursion into a loop and storing the function arguments in a stack.

In software, a stack buffer overflow (also known as stack smashing) occurs when a program writes to a memory address on the program's call stack outside of the intended data structure; usually a fixed length buffer.

This change in architecture is frequently suggested as a solution to the stack buffer overflow problem because any overflow of a stack buffer that occurs within the same stack frame can not overwrite the return pointer.

This technique can greatly increase the difficulty of exploiting a stack buffer overflow because it forces the attacker to gain control of the instruction pointer by some nontraditional means such as corrupting other important variables on the stack.

He is also known as the author of the article "Smashing The Stack For Fun and Profit", published in 1996 Phrack magazine issue 49, which was the first high-quality, public, step-by-step introduction to stack buffer overflow vulnerabilities and their exploitation.