Solved

Buffer overflows

Posted on 2004-09-01
3
306 Views
Last Modified: 2010-04-11
g'day experts,

I am researching web application security and I wonder if anyone knows a good example of a buffer overflow attack on a company web site that is either well documented or which they could expalin.

All i can get at the moment is definitions and decriptions, I really need an example of an attack that has occured. It has to be one that targeted a web applcation.

thank you
0
Comment
Question by:claracruz
3 Comments
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 150 total points
ID: 11956147
Code Red is probably the better known example:

http://www.cert.org/advisories/CA-2001-19.html
0
 
LVL 5

Accepted Solution

by:
rsriprac earned 150 total points
ID: 11960899
I like using:

http://icat.nist.gov/icat.cfm

And just search "Buffer overflow", and you should get a good list from there.  For some of the adviserires they will give some proof of concepts.

Also if your are a real noob, you should start here:

http://www.securiteam.com/securityreviews/5OP0B006UQ.html

-Ram
0
 
LVL 1

Assisted Solution

by:CoopR
CoopR earned 200 total points
ID: 11965181
Try http://www.infosecwriters.com/hhworld/hh8/WideChapter.txt

While not a bufferflow for a webserver ithe basics are still the same regardless of what  it's targeting and it is very well documented.

If your looking for real life forensics reports then that may be tough, I'd imagine most companies keep that sort of thing confidential. I would recomend looking at the hackers challenge books, they have excellent examples bassed on real life situations. http://www.amazon.co.uk/exec/obidos/ASIN/0072193840/ref=pd_sim_b_dp_5/202-4673388-5023834
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question