Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu
Careless use of buffers without bounds checking - Consequences.
• If the buffer overflow is big enough, the attacker can hijack the machine. For example, in UNIX a buffer overflow of less than 50 bytes in a process that has root privileges can be used to “spin a shell.” This means that the attacker obtains a command shell with root privileges. Hijacking the machine can also be done by a worm as it spreads. But never assume that small buffers, even a two-byte buffer, are safe, because attack code can be placed in another buffer, beyond the return pointer, or on the heap.
• Any security-sensitive data that follows the buffer can be overwritten, such as passwords or variables that designate privileges.
• The software might crash. This can cause a core dump, giving the attacker access to any security-sensitive data that was in the program’s memory at the time of the core dump.
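The second consequence above, a privilege variable stored after a buffer, shown as an added example that is not part of the original module. The struct account layout, the function names and the sample input are constructed for illustration; the careless copy sits beside a bounds-checked one.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: a privilege flag stored directly after a small buffer. */
struct account {
    char name[8];
    int  is_admin;              /* 0 = ordinary user */
};

/* Careless: trusts len and never compares it with sizeof name. The copy goes
 * through a pointer to the whole struct so the demo stays inside one object. */
static void set_name_unchecked(struct account *a, const char *src, size_t len)
{
    memcpy((char *)a + offsetof(struct account, name), src, len);
}

/* Checked: rejects input that does not fit and leaves *a unchanged. */
static int set_name_checked(struct account *a, const char *src, size_t len)
{
    if (len >= sizeof a->name)
        return -1;
    memcpy(a->name, src, len);
    a->name[len] = '\0';
    return 0;
}

/* Feeds the same oversized input to either version; returns is_admin after. */
static int flag_after_oversized_input(int checked, int *rc)
{
    struct account a = { "guest", 0 };
    char input[sizeof(struct account)];
    memset(input, 0x01, sizeof input);      /* constructed sample input */
    *rc = 0;
    if (checked)
        *rc = set_name_checked(&a, input, sizeof input);
    else
        set_name_unchecked(&a, input, sizeof input);
    return a.is_admin;
}

int main(void)
{
    int rc, flag;
    flag = flag_after_oversized_input(0, &rc);
    printf("unchecked: is_admin = %#x\n", (unsigned)flag);
    flag = flag_after_oversized_input(1, &rc);
    printf("checked:   is_admin = %d, rc = %d\n", flag, rc);
}
```

With the unchecked copy the flag ends up non-zero although no code ever assigned it; the checked copy refuses the input and the flag stays 0.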