Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu
Formatting and logical errors – Consequences.
• Even if the attacker has very little control of the data that overwrites a return pointer, they can always crash the program by sending the program control to random places in memory.
• Crashing the program is a security risk for many reasons, including denial-of-service attacks and core dumps of security-sensitive data.
• It’s never safe to assume that a clever attacker can’t find a way to give input that causes the output they want.