(A buffer is where data is stored in memory. When the program tries to put the data in a certain location in the machine memory, the buffer overflow will occur because there is not enough space. The artificial overflow has a certain intention. The attacker writes a string that exceeds the length of the buffer, and then implants it into the buffer, and then implants an ultra-long string into a buffer with limited space. There are two results, one is that the excessively long string covers the adjacent storage units, causing the program to fail to run, which can seriously cause the system to crash; the other is that this vulnerability can be used to execute arbitrary commands, and even obtain system root. Privilege privileges. Most buffer overflows are caused by programs that do not carefully detect user input parameters.
"A Decade of Weaknesses in Attacks and Defenses" - Buffer Overflow Attacks.doc)
收藏
