Buffer Overflow vulnerabilities have become quite common in the
information security industry and have often plagued web servers.
However, they have not been commonly seen or exploited at the web
application layer itself. The primary reason is that an attacker needs
to analyze the application source code or the software binaries. Since
the attacker must exploit custom code on a remote system, they
would have to perform the attack blind, making success very difficult.
Buffer Overflow vulnerabilities most commonly occur in
programming languages such as C and C++. A Buffer Overflow can
occur in a CGI program or when a web page accesses a C program.
4.2 Format String Attack
Format String Attacks alter the flow of an application by using string
formatting library features to access other memory space.
Vulnerabilities occur when user-supplied data are used directly as
formatting string input for certain C/C++ functions (e.g. fprintf,
printf, sprintf, setproctitle, syslog, ...).
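The difference between passing user data as the format string and passing it as an argument is shown below. This is an added example, not code from the original document; the function names and sample inputs are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* VULNERABLE (kept for contrast): the caller's data IS the format string,
 * so any conversion specifier inside it is interpreted by snprintf. */
int log_vulnerable(char *out, size_t n, const char *user)
{
    return snprintf(out, n, user);
}

/* HARDENED: the format string is a constant; user data is only an argument
 * and is copied byte for byte, specifiers included. */
int log_safe(char *out, size_t n, const char *user)
{
    return snprintf(out, n, "%s", user);
}

/* Detection aid for logs or code review: count '%' characters that start a
 * conversion directive. "%%" is a literal percent sign and is skipped; a
 * trailing lone '%' is counted because it is still not plain text. */
size_t count_format_directives(const char *s)
{
    size_t count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {
            s++;            /* skip the escaped pair */
            continue;
        }
        count++;
    }
    return count;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the original page. */
    const char *samples[] = { "hello", "100%% done", "%x.%x.%s" };
    char buf[64];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        log_safe(buf, sizeof buf, samples[i]);
        printf("logged=\"%s\" directives=%zu\n",
               buf, count_format_directives(samples[i]));
    }
    return 0;
}
```

Both functions produce identical output for input without specifiers, which is why the flaw tends to survive functional testing; GCC and Clang report the vulnerable call when -Wformat-security is enabled.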
Copyright 2004, Web Application Security Consortium. All rights reserved.