?
Solved

Buffer overflows

Posted on 2004-09-01
3
Medium Priority
?
310 Views
Last Modified: 2010-04-11
g'day experts,

I am researching web application security and I wonder if anyone knows a good example of a buffer overflow attack on a company web site that is either well documented or which they could expalin.

All i can get at the moment is definitions and decriptions, I really need an example of an attack that has occured. It has to be one that targeted a web applcation.

thank you
0
Comment
Question by:claracruz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 600 total points
ID: 11956147
Code Red is probably the better known example:

http://www.cert.org/advisories/CA-2001-19.html
0
 
LVL 5

Accepted Solution

by:
rsriprac earned 600 total points
ID: 11960899
I like using:

http://icat.nist.gov/icat.cfm

And just search "Buffer overflow", and you should get a good list from there.  For some of the adviserires they will give some proof of concepts.

Also if your are a real noob, you should start here:

http://www.securiteam.com/securityreviews/5OP0B006UQ.html

-Ram
0
 
LVL 1

Assisted Solution

by:CoopR
CoopR earned 800 total points
ID: 11965181
Try http://www.infosecwriters.com/hhworld/hh8/WideChapter.txt

While not a bufferflow for a webserver ithe basics are still the same regardless of what  it's targeting and it is very well documented.

If your looking for real life forensics reports then that may be tough, I'd imagine most companies keep that sort of thing confidential. I would recomend looking at the hackers challenge books, they have excellent examples bassed on real life situations. http://www.amazon.co.uk/exec/obidos/ASIN/0072193840/ref=pd_sim_b_dp_5/202-4673388-5023834
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question