Buffer Overflow, a Common Attack

Data can exceed a buffer’s capacity. Not many people may know or have heard about buffer overflow, but we are here to help you understand this dangerous web threat. To put it simply, most programs that run in our computers manipulate data of some form. This data could originate from data associated with the program or logged data that is stored on your computer. The computer assigns this data to a temporary storage, also known as a “buffer”, where they can be quickly used and deployed.

 

What is Buffer Overflow?

Now, imagine a buffer as an empty cup that can be filled with water or ice. It has the capacity to store a fixed amount of water or, in this case, data. If there is more water than it can hold, the water will leak and overflow onto your table. Buffer overflow happens in a very similar, albeit a bit more complicated way. Buffers have a limited amount of data they can store and if the buffer is overwhelmed with extra data, it will naturally fall into adjacent buffers to make up the storage.

The overflow of data can be caused by a simple programming error made during its development. However, malicious hackers are able to enact an overflow and perform severe damage to any computing system.

How Does Buffer Overflow Affect You?

According to the SANS Institute, a buffer overflow may cause havoc on network systems and applications. More specifically, buffer overflows can:

  1. Corrupt data that was stored in other buffers, which may lead to a 404 error.
  2. Interrupt the normal flow of programs.
  3. Shut down an operating system.
  4. Run malicious programs through the excess data.

So How Can I Prevent Buffer Overflow?

Buffer Overflow comes in many sizes and these days, they can come also as viruses. Therefore, if you don’t have a firewall and an antivirus software, we strongly advise to install them at once. Make updates as soon as possible when your antivirus and firewall programs ask your permission. In addition, avoid opening unknown and suspicious emails as they can execute malicious programs or malware that can lead to your PC becoming a zombie bot. Don’t install suspicious third party programs because this could be a gateway to allow hackers to mess with your operation system.


This blog post was originally featured on cloudbric.com. Visit their blog for more insight, news, and accessible information on web threats and trends. If you would like to learn more about Cloudbric’s logic-based WAF service, please contact info@cloudbric.com.