Buffer Overrun

A buffer is located in the PC's RAM and serves as temporary storage for data. This helps when saving data permanently on the computer by reducing the time taken for a save. Buffers are used for a number of functions, such as working in Excel or a Word document, and even when printing or burning a CD. Since buffers hold their data only temporarily, a power failure or a freeze in the application will cause the contents to be lost.

Buffers do not function at their best when they are overloaded with data, so when excess data is forced into a buffer it overruns into another buffer. It is a three-fold problem, since the second buffer is not designed to hold data that overflows from the first. In order to store the overflow data, the existing data in the second buffer is destroyed or prone to corruption.

C programs are vulnerable to buffer overruns because of a very common programming error. To avoid this, tools like BOON are used to locate buffer overrun vulnerabilities in C source code. The most frequent overruns seen in buffers are stack based and heap based. The memory that holds the data when the program is written is known as the stack. The stack functions by removing the data that was stored first, while the heap stores the data created when the program is running.

A perfect example of a nefarious buffer overrun was seen in August 2003, when the Blaster Worm started doing damage in the buffer. The buffer overrun was exploited in Microsoft's RPC, enabling crackers to gain control and shut down systems. The buffer overrun susceptibility affected the Windows NT Server 4.0/2000/XP/Server 2003 operating systems. Malicious code was created and sent in a message to the remote procedure call server service (RPCSS), and when the overrun took place the crackers could execute code of their choice on the system.
The buffer overrun was seen not only among businesses but also amongst home users running popular programs. "Buffer overruns are among the top three or four threats to individual users, especially those who connect to the Internet via broadband, it's the number one threat for networks," said Fred Felman, the vice president of Zone Labs, an Internet security software company.

In layman's terms, the problem arises because the program reads a string from an unknown source, such as a cracker using the Internet to access the targeted system. The program has a buffer allocated to it on the stack, but because the string comes from an unreliable source there is a possibility of it being longer than the buffer, and this would cause a buffer overrun.

The first way to overcome the buffer overrun is to write a flawless program, but that is not in the hands of the user. Microsoft recommends that a firewall be installed and kept on at all times. An antivirus program should be running, and if the fault lies with the OS, a patch can be applied to fix it.
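The overrun into a neighbouring buffer described above, and the length check that prevents it, shown as an added C example that is not part of the original article. The 8-byte buffers, the "BALANCE" value and the function names are constructed for illustration, and both buffers live in one array so the demonstration stays well-defined C.

```c
#include <stdio.h>
#include <string.h>

/* Constructed layout: one 16-byte arena holding two logical 8-byte buffers,
 * so the "overrun" stays inside a single array and is well-defined C. */
#define BUF_SIZE 8
struct arena { char bytes[2 * BUF_SIZE]; };

static char *first(struct arena *a)  { return a->bytes; }
static char *second(struct arena *a) { return a->bytes + BUF_SIZE; }

static void arena_init(struct arena *a) {
    memset(a->bytes, 0, sizeof a->bytes);
    memcpy(second(a), "BALANCE", BUF_SIZE);   /* data owned by the second buffer */
}

/* Unchecked copy: trusts the input length, as strcpy() would.
 * Clamped to the arena only so the demo never leaves the array. */
static size_t copy_unchecked(struct arena *a, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > sizeof a->bytes) n = sizeof a->bytes;
    memcpy(first(a), input, n);
    return n > BUF_SIZE ? n - BUF_SIZE : 0;   /* bytes spilled into second buffer */
}

/* Checked copy: rejects anything that does not fit in the first buffer. */
static int copy_checked(struct arena *a, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > BUF_SIZE) return -1;              /* too long: refuse, nothing written */
    memcpy(first(a), input, n);
    return 0;
}

int main(void) {
    const char *untrusted = "AAAAAAAAAAAA";   /* constructed 12-character input */
    struct arena a;

    arena_init(&a);
    size_t spilled = copy_unchecked(&a, untrusted);
    printf("unchecked: %zu bytes spilled, second buffer now \"%.8s\"\n", spilled, second(&a));

    arena_init(&a);
    int rc = copy_checked(&a, untrusted);
    printf("checked:   rc=%d, second buffer still \"%.8s\"\n", rc, second(&a));
    return 0;
}
```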