A vulnerability condition created by insecure coding methods, in which a
program overruns the buffer's boundary and writes data to the adjacent memory
space. Buffer overflows are used by attackers to gain unauthorized access to
systems or data.
http://es.pcisecuritystandards.org
In relation to programming and computer security, it is a type of
vulnerability that affects software and is widely used to carry out attacks
aimed at making the program perform the actions that the attacker, and not the
program itself, wants. They are programming defects that cause an error or a
system hang, but which are triggered intentionally.
By way of comparison, a buffer overflow causes something similar to what
happens when we fill a glass beyond its capacity: it overflows and the contents
spill. When the programmer does not include the measures needed to check the
size of the buffer against the volume of data it has to hold, this data
likewise spills over and is overwritten onto other points in memory, which can
cause the program to produce errors or even hang.
The attacker calculates how much data needs to be sent in order to know when
the overflow will occur and where the data will be rewritten, and then achieves
the overflow, in short, getting the program to execute the code the attacker
has sent.
This type of vulnerability, since it arises from a defect in the program's
code, can only be resolved through updates or patches to the program in
question, which makes it very necessary to keep all the programs installed on
our computer up to date.
http://www.inteco.es/glossary/Formacion/Glosario/
A buffer is said to overflow when, in an uncontrolled way, on trying to put
more data into it than fits, the excess spills into other areas of the system,
causing damage. Sometimes it is a mere accident with unpleasant consequences.
Sometimes it is a planned attack that gives the attacker some advantage.
Memory overflows can be considered programming defects. Some languages prevent
overflows from occurring, with more or less success; in other languages
explicit care is required from the programmer, who ends up being ultimately
responsible for whether or not the system is vulnerable to this type of
incident.
(en) buffer overflow
A condition at an interface
under which more input can be placed into a buffer or data holding area than
the capacity allocated, overwriting other information. Attackers exploit such a
condition to crash a system or to insert specially crafted code that allows
them to gain control of the system. [CNSSI_4009:2010]
(I) Any attack technique
that exploits a vulnerability resulting from computer software or hardware that
does not check for exceeding the bounds of a storage area when data is written
into a sequence of storage locations beginning in that area. [RFC4949:2007]
The result of a programming
flaw. Some computer programs expect input from the user (for example, a Web
page form might accept phone numbers from prospective customers). The program
allows some virtual memory for accepting the expected input. If the programmer
did not write his program to discard extra input (e.g., if instead of a phone
number, someone submitted one thousand characters), the input can overflow the
amount of memory allocated for it, and break into the portion of memory where
code is executed. A skillful hacker can exploit this flaw to make someone's
computer execute the hacker's code. Used interchangeably with the term,
"buffer overrun."
http://www.watchguard.com/glossary/
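The check that the definition above says the programmer omitted (discarding input that exceeds the space reserved for a phone number), shown beside the unchecked copy. This is an added example, not part of the quoted glossaries; the struct, field and function names are hypothetical and the 1000-character input is constructed.

```c
#include <stdio.h>
#include <string.h>

#define PHONE_MAX 16            /* buffer capacity, including the NUL terminator */

/* Hypothetical form record: "approved" sits next to the input buffer in memory. */
struct customer {
    char phone[PHONE_MAX];
    int  approved;
};

/* Vulnerable form: strcpy() copies until the NUL in src and never looks at
 * the size of c->phone, so a long submission writes past the array. */
void store_phone_unchecked(struct customer *c, const char *src)
{
    strcpy(c->phone, src);
}

/* Hardened form: measure the input against the capacity first and refuse
 * anything that does not fit. Returns 0 on success, -1 if rejected. */
int store_phone_checked(struct customer *c, const char *src)
{
    size_t len = strlen(src);
    if (len >= PHONE_MAX)
        return -1;                      /* no room for data plus terminator */
    memcpy(c->phone, src, len + 1);     /* len + 1 copies the NUL as well */
    return 0;
}

int main(void)
{
    struct customer c = { "", 0 };
    char flood[1001];                   /* constructed input: 1000 'A's */
    memset(flood, 'A', 1000);
    flood[1000] = '\0';

    printf("normal: %d\n", store_phone_checked(&c, "+34 600 123 456"));
    printf("flood:  %d\n", store_phone_checked(&c, flood));
    printf("phone=\"%s\" approved=%d\n", c.phone, c.approved);
    return 0;
}
```

Rejecting the over-long value leaves both the stored number and the adjacent field untouched; the unchecked variant is shown for comparison only and is never called.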
Attack where a hacker exploits
an unchecked buffer in a program to overwrite the program code. If the hacker overwrites the program code
with new executable code, the hacker can change the program's operation. If the hacker enters other data, it usually
causes the program to crash.
http://www.qtsnet.com/SecuritySolutions/security_glossary.html
A buffer overflow occurs
when a program or process tries to store more data in a buffer (temporary data
storage area) than it was intended to hold. Since buffers are created to
contain a finite amount of data, the extra information - which has to go
somewhere - can overflow into adjacent buffers, corrupting or overwriting the
valid data held in them.
A condition that results
from adding more information to a buffer than it was designed to hold. An
attacker may exploit this vulnerability to take over a system.
http://www.getsafeonline.org/
An exploitation technique
that alters the flow of an application by overwriting parts of memory. Buffer
Overflows are a common cause of malfunctioning software. If the data written
into a buffer exceeds its size, adjacent memory space will be corrupted and
normally produce a fault. An attacker may be able to utilize a buffer overflow
situation to alter an application's process flow. Overfilling the buffer and
rewriting memory-stack pointers could be used to execute arbitrary
operating-system commands.
http://www.webappsec.org/projects/glossary/
A buffer overflow occurs when
a program or process tries to store more data in a buffer (temporary data
storage area) than it was intended to hold. Since buffers are created to
contain a finite amount of data, the extra information - which has to go
somewhere - can overflow into adjacent buffers, corrupting or overwriting the
valid data held in them. Although it may occur accidentally through programming
error, buffer overflow is an increasingly common type of security attack on
data integrity. In buffer overflow attacks, the extra data may contain codes
designed to trigger specific actions, in effect sending new instructions to the
attacked computer that could, for example, damage the user's files, change
data, or disclose confidential information. Buffer overflow attacks are said to
have arisen because the C programming language supplied the framework, and poor
programming practices supplied the vulnerability.
http://searchsoftwarequality.techtarget.com/glossary/
A buffer overflow occurs
when a program or process tries to store more data in a buffer (temporary data
storage area) than it was intended to hold. Since buffers are created to
contain a finite amount of data, the extra information - which has to go
somewhere - can overflow into adjacent buffers, corrupting or overwriting the
valid data held in them.
http://www.sans.org/security-resources/glossary-of-terms/
Buffer Overflow attacks
target improper or missing bounds checking on buffer operations, typically
triggered by input injected by an attacker. As a consequence, an attacker is
able to write past the boundaries of allocated buffer regions in memory,
causing a program crash or potentially redirection of execution as per the
attacker's choice.
Attack Execution Flow
· The attacker identifies a buffer to target. Buffer regions are either
  allotted on the stack or the heap, and the exact nature of attack would vary
  depending on the location of the buffer
· Next, the attacker identifies an injection vector to deliver the excessive
  content to the targeted buffer.
· The attacker crafts the content to be injected. If the intent is to simply
  cause the software to crash, the content need only consist of an excessive
  quantity of random data. If the intent is to leverage the overflow for
  execution of arbitrary code, the attacker will craft a set of content that
  not only overflows the targeted buffer but does so in such a way that the
  overwritten return address is replaced with one of the attacker's choosing
  which points to code injected by the attacker.
· The attacker injects the content into the targeted software.
· Upon successful exploitation, the system either crashes or control of the
  program is returned to a location of the attacker's choice. This can result
  in execution of arbitrary code or escalated privileges, depending upon the
  exploited target.
Attack Pattern 100
http://capec.mitre.org/data/index.html
A vulnerability that is created by insecure coding methods, where a program
overruns the buffer's boundary and writes data into an adjacent memory space.
Buffer overflows are used by attackers to gain unauthorized access to systems
or data.
http://fr.pcisecuritystandards.org/
A system flaw caused by sending a buffer more information than it can hold. In
some cases this allows behaviour not foreseen by the developers of the
vulnerable program, which can lead to obtaining particular rights and
privileges on the machine that hosts the vulnerable application.
http://www.cases.public.lu/functions/glossaire/
A classic attack that consists of exploiting poor management of the memory
stack (reservation and release of memory areas) in a program.
The malicious person deliberately sends too much information into a specific
field or variable, causing an overrun of the memory area allocated to that
variable. The malicious person can then obtain elevated access rights (e.g.
root) or place malicious executable code in the overflowed memory area.
http://securit.free.fr/glossaire.htm