Buffer overflow attack
(also buffer overflow, buffer overrun, buffer overflow exploit)
Buffer overflow attack definition
A security exploit where the attacker deliberately overloads a program’s buffer (temporary storage used when moving data) to make it overwrite adjacent memory locations. This can change the app’s execution path, resulting in damaged files or exposure of sensitive data. In some cases, attackers can even insert sophisticated malicious scripts into a program’s executable code.
Buffer overflow attacks are the most common type of DDoS attack. They affect nearly all applications and web servers, although some programming languages are more susceptible than others. In particular, PERL, Java, JavaScript, and C# have inbuilt safeguards against buffer overflow attacks.
Real buffer overflow attack examples
1988: The Morris Worm accidentally crashed ARPANET (the precursor to the internet) as the result of a buffer overflow attack.
2019: Hackers exploited voice-over-internet protocol vulnerabilities to carry out a successful buffer overflow attack on WhatsApp and inject malware into many users’ devices.
Stopping a buffer overflow attack
- Avoid writing code in C/C++ because these programming languages don’t offer protection against accessing or overwriting data in their memory. Use PERL, Java, JavaScript, or C# instead.
- Employ bounds-checking for buffers and enforce it at runtime.
- Avoid standard library functions that have not been bounds-checked when writing code.
- Test the code for buffer overflows and patch out any bugs that cause them.
