
Web Application Security - BufferOverflow

The document discusses buffer overflow, which occurs when data exceeds the allocated memory space for a buffer. This allows attackers to overwrite memory and execute malicious code, gaining access to systems. The document recommends using managed memory languages to prevent buffer overflow attacks, and techniques like address space randomization, bounds checking, and static code analysis.

Uploaded by

Kritika Irkal
Copyright
© All Rights Reserved
Web Application Security - Buffer Overflow

Bhavya Chougale (2018hs70015)
Krittika Irkal (2018hs70016)

What is Buffer Overflow?

• Buffer overflow, or buffer overrun, is a common software coding mistake that an attacker can exploit to gain access to your system.
• It happens when the data that needs to be saved exceeds the allocated memory space in the buffer.

Buffer Overflow - Attacks

• Attackers exploit buffer overflow issues by overwriting the memory of an application.
• An attacker can act in various ways:
  - Intentionally feed input that the buffer cannot store and overwrite areas that hold executable code, replacing it with their own malicious code.
  - Introduce extra code to gain access to IT systems.

Executable Code:

• Demo

Buffer Overflow - Prevention

• Most languages, such as Python, Ruby, .NET and Java, use managed memory and are immune to buffer overflow attacks.
• Avoid C/C++.
• Address space layout randomization.
• Executable space protection.
• Bounds checking.
• Static code analysis.
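
The bounds-checking item above, shown as an added example in C that is not part of the original slides. The struct, the function name and the sample inputs are constructed for illustration; the unchecked pattern appears only in a comment for contrast.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Constructed record: a fixed-size buffer with a neighbouring field,
   the kind of adjacent memory an unchecked copy would overwrite. */
struct account {
    char name[NAME_LEN];
    int  is_admin;
};

/* Unchecked pattern, shown only as a comment for contrast:
       strcpy(a->name, in);
   strcpy() copies until the NUL byte and ignores sizeof(a->name). */

/* Bounds-checked copy: reject any input that does not fit in name[]
   together with its terminating NUL. Returns 0 on success, -1 if the
   input is rejected; on rejection the record is left unchanged. */
int set_name_checked(struct account *a, const char *in)
{
    const char *end;
    size_t len;

    if (a == NULL || in == NULL)
        return -1;
    end = memchr(in, '\0', NAME_LEN);   /* look at no more than NAME_LEN bytes */
    if (end == NULL)
        return -1;                      /* too long: no NUL within the buffer size */
    len = (size_t)(end - in);
    memcpy(a->name, in, len + 1);       /* len + 1 <= NAME_LEN, NUL included */
    return 0;
}

int main(void)
{
    struct account a = { "guest", 0 };
    const char *oversized = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed, 32 bytes */

    printf("short input   -> %d\n", set_name_checked(&a, "alice"));
    printf("oversized     -> %d\n", set_name_checked(&a, oversized));
    printf("name=%s is_admin=%d\n", a.name, a.is_admin);
    return 0;
}
```

Rejecting the oversized input, rather than truncating it, keeps both the buffer and the adjacent field in a known state.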
THANK YOU
