9 1

Questions and Answers

What is a common attack mechanism that exploits buffer overflow vulnerabilities?

Denial of service

Cross-site scripting

Buffer overflow (correct)

SQL injection

What is shellcode?

Code used to overflow a buffer (correct)

Code used to harden programs

Code used to detect and abort attacks

Code used to protect a system from attacks

What are the consequences of buffer overflow?

Loss of internet connection

None of the above

Physical damage to the computer

Corruption of program data, unexpected transfer of control, and memory access violations (correct)

What is the traditional purpose of shellcode?

To transfer control to a user command-line interpreter

What are some prevention techniques for buffer overflow?

Prevention techniques exist

What are some targets of stack overflow variants?

Trusted system utilities

Which worms exploited buffer overflow vulnerabilities?

Morris Internet Worm and Sasser

What are the two broad defense approaches against buffer overflows?

Compile-time and run-time defenses

What is the aim of compile-time defenses?

To harden programs to resist attacks in new programs

What happens when a process attempts to store data beyond the limits of a fixed-sized buffer?

Buffer overflow occurs

What are some safe coding techniques?

Auditing the existing code base and using safe libraries

How can vulnerable programs be identified?

Inspecting program source, tracing program execution, and using tools such as fuzzing

What can language extensions and safe libraries do?

Replace unsafe standard library routines

Which programming languages are vulnerable to buffer overflow?

C and related languages

What are some common unsafe C standard library routines?

gets(), sprintf(), strcat(), and strcpy(

What do stack protection mechanisms do?

Add function entry and exit code to check the stack for signs of corruption

What is a stack buffer overflow?

When the buffer is located on the stack

What is the aim of run-time defenses?

To detect and abort attacks in existing programs

Are modern high-level languages vulnerable to buffer overflow?

Yes, but they have overhead and limits on use

What can be done to achieve executable address space protection?

Blocking the execution of code on the heap

Study Notes

1. Buffer overflow is a common attack mechanism.
2. Prevention techniques exist, but it is still a major concern due to buggy code and careless programming practices.
3. The Morris Internet Worm, Code Red, Slammer, and Sasser worms all exploited buffer overflow vulnerabilities.
4. Buffer overflow occurs when a process attempts to store data beyond the limits of a fixed-sized buffer.
5. Consequences of buffer overflow include corruption of program data, unexpected transfer of control, and memory access violations.
6. Identifying vulnerable programs can be done through inspection of program source, tracing program execution, and using tools such as fuzzing.
7. Modern high-level languages are not vulnerable to buffer overflow, but have overhead and limits on use.
8. C and related languages are vulnerable to buffer overflow and have a large legacy of widely used, unsafe code.
9. Stack buffer overflows occur when the buffer is located on the stack.
10. Some common unsafe C standard library routines include gets(), sprintf(), strcat(), and strcpy().

Description

Are you familiar with buffer overflows and their potential consequences? Take this quiz to test your knowledge on the common attack mechanism and the prevention techniques available to combat it. Discover how the Morris Internet Worm, Code Red, Slammer, and Sasser worms all exploited buffer overflow vulnerabilities. Learn about identifying vulnerable programs and the unsafe C standard library routines that put them at risk. Test your understanding of the topic with this informative and engaging quiz.