97
Buffer Overflows
•Target: DoS or command execution
•
•How:
–sending “too much” data to a buffer, causing overflow
–Note: Turning stack overflow into remote command execution
•Log manifestation:
–very very long path/parameter name/parameter value/HTTP header name/HTTP header value.
–With code execution in mind – usually involves non-printable characters (machine code).
•
•False alarms: not likely
•
No notes for this slide