Language Selection

English French German Italian Portuguese Spanish

Preventing Buffer Overflow Exploits

Filed under
Security

Internet servers, including Web, e-mail, and FTP servers have long been a target of different kinds of attacks aiming to disable them from providing services to their respective users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit.

Buffer Overflow Exploit in Action

A successful buffer overflow exploit has four steps:
1. Find a process that is vulnerable to the buffer overflow exploits
2. In order to inject the most damage, the process should run with root privileges.
3. Decide what to execute as a result of buffer overflow exploit
4. Find a way from the vulnerable process to start the chosen process

The troubling thing about buffer overflow exploits is that good programming practices could wipe out even potential exploits; however, that simply has not happened. The defense against such exploits should revolve around controlling access to sensitive systems, installing software updates that replace exploitable software, and being aware of what a buffer overflow exploit looks like when your system is the intended victim.

Part 1.

Part 2.

More in Tux Machines

GNOME Software 3.22 Will Support Installation of Snaps, Flatpak Repository Files

The GNOME 3.21.4 desktop environment was released last week, which means that many of the default applications and components were updated with bug fixes and various enhancements. Read more

openSUSE Leap 42.2 Now Merged with SUSE Linux Enterprise 12 Service Pack 2

The development cycle of the openSUSE Leap 42.2 operating system continues, and today we would like to inform our readers about the availability of the third and last Alpha build in the series. Read more

Linux 4.7 and Linux 4.8

  • Linux Kernel 4.7 Officially Released, Introduces Support for Radeon RX480 GPUs
    Today, July 24, 2016, after a week of holiday fun, Linus Torvalds has had the great pleasure of announcing the release of Linux kernel 4.7 for all GNU/Linux operating systems. The Linux 4.7 kernel has been in development for the past two months, but that shouldn't surprise anyone who is either reading our website on a regular basis or keeping pace with the Linux kernel development cycle, which was very normal for this branch. A total of seven Release Candidate (RC) testing builds were released since May 29, 2016, which introduced numerous new features and improvements.
  • The Biggest Features Of The Linux 4.7 Kernel
    If all goes according to plan, the Linux 4.7 kernel will be released before the day is through.
  • The Size Of Different DRM Graphics Drivers In Linux 4.7
    Last October I looked at The Size Of The Different Open-Source Linux DRM/Mesa Graphics Drivers, but with it being nearly one year since then and Linux 4.7 due out today, I decided to run some fresh L.O.C. measurements on the popular DRM/KMS drivers to see their current sizes. This lines-of-code counting was mostly done out of a curiosity factor. In this article I'm just looking at the in-kernel DRM code and not the Mesa drivers, DDX drivers, LLVM back-ends, or anything else in user-space related to the open-source graphics drivers.
  • The Btrfs Windows Driver Updated With RAID Support & Other Features
  • Hardened Usercopy Appears Ready To Be Merged For Linux 4.8
    Yet another Linux kernel security feature coming to the mainline kernel that appears readied for the Linux 4.8 merge window is hardened usercopy. Hardened usercopy was originally based upon GrSecurity's PAX_USERCOPY feature but reworked into a whole new form, according to developer Kees Cook at Google. This hardened usercopy is to be exposed as the CONFIG_HARDENED_USERCOPY option within the kernel.

Ubuntu MATE 16.04.1 LTS Fixes the Raspberry Pi Partition Resizer, Adds MATE 1.14

As part of the Ubuntu 16.04.1 LTS (Xenial Xerus) announcement, Martin Wimpress informs us about the release of the Ubuntu MATE 16.04.1 LTS operating systems for users of Ubuntu MATE 16.04 LTS. Ubuntu MATE 16.04.1 LTS is not a major release, and if your Ubuntu MATE 16.04 LTS (Xenial Xerus) installation is up to date, you already have the latest software updates and security patches that have been injected in the new installation mediums generated mainly for those who want to reinstall or deploy the OS on new systems. Read more