chapter 10

1.
1 point
A buffer overflow error is not likely to lead to eventual program termination.
2.
1 point
The most common technique for using an appropriate synchronization mechanism to serialize the accesses to prevent errors is to acquire a _______ on the shared file, ensuring that each process has appropriate access in turn.
3.
1 point
A buffer overflow in Microsoft Windows 2000/XP Local Security Authority Subsystem Service was exploited by the _________.
4.
1 point
Even though it is a high-level programming language, Java still suffers from buffer overflows because it permits more data to be saved into a buffer than it has space for.
5.
1 point
_______ is one of the best-known protection mechanisms; it is a GCC compiler extension that inserts additional function entry and exit code.
6.
1 point
A ____ value is named after the miner’s bird used to detect poisonous air in a mine and warn miners in time for them to escape.
7.
1 point
In the classic ______ overflow, the attacker overwrites a buffer located in the local variable area of a stack frame and then overwrites the saved frame pointer and return address.
8.
1 point
A number of widely used standard C _____ compound the problem of buffer overflow by not providing any means of limiting the amount of data transferred to the space available in the buffer.
9.
1 point
Shellcode must be able to run no matter where in memory it is located.
10.
1 point
There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program.
11.
1 point
An essential component of many buffer overflow attacks is the transfer of execution to code supplied by the attacker and often saved in the buffer being overflowed. This code is known as ______.
12.
1 point
In 2003 the _________ exploited a buffer overflow in Microsoft SQL Server 2000.
13.
1 point
The buffer overflow type of attack has been known since it was first widely used by the __________ Worm in 1988.
14.
1 point
Key issues from a software security perspective are whether the implemented algorithm correctly solves the specified problem, whether the machine instructions executed correctly represent the high-level algorithm specification, and whether the manipulation of data values in variables is valid and meaningful.
15.
1 point
An attacker is more interested in transferring control to a location and code of the attacker’s choosing rather than immediately crashing the program.
16.
1 point
______ can prevent buffer overflow attacks, typically of global data, which attempt to overwrite adjacent regions in the process's address space such as the global offset table.
17.
1 point
There are several generic restrictions on the content of shellcode.
18.
1 point
A _____ can occur as a result of a programming error when a process attempts to store data beyond the limits of a fixed-size buffer and consequently overwrites adjacent memory locations.
19.
1 point
A stack overflow can result in some form of a denial-of-service attack on a system.
20.
1 point
______ defenses aim to harden programs to resist attacks in new programs.
21.
1 point
_____ defenses aim to detect and abort attacks in existing programs.
22.
1 point
Data is simply an array of ______.
23.
1 point
“Smashing the Stack for Fun and Profit” was a step-by-step introduction to exploiting stack-based buffer overflow vulnerabilities that was published in Phrack magazine by ______.
24.
1 point
The _____ project produces a free, multiplatform 4.4BSD-based UNIX-like operating system.
25.
1 point
The _____ is typically located above the program code and global data and grows up in memory (while the stack grows down toward it).
26.
1 point
A _____ overflow occurs when the targeted buffer is located on the stack, usually as a local variable in a function’s stack frame.
27.
1 point
__________ aim to prevent or detect buffer overflows by instrumenting programs when they are compiled.
28.
1 point
A buffer _________ is a condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information.
29.
1 point
The __________ used a buffer overflow exploit in “fingerd” as one of its attack mechanisms.
30.
1 point
To exploit any type of buffer overflow, the attacker needs to identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker's control.
31.
1 point
The Packet Storm Web site includes a large collection of packaged shellcode, including code that can:
32.
1 point
An attacker can generally determine in advance exactly where the targeted buffer will be located in the stack frame of the function in which it is defined.
33.
1 point
_________ is a form of overflow attack.