buffer overflow some how executing code?

Discussion in 'Computer Information' started by Eckstein C., Dec 6, 2005.

  1. Eckstein C.

    Eckstein C. Guest

    Ok, every so often I run across an article in a forum somewhere that
    given a "buffer overflow" a hacker can execute code on the system.

    This just seems like a load of bunk to me. I've been programming in
    various languages, including, though not limited to, c and cpp, and I
    haven never once encountered a situation where writing past the bounds
    of a buffer, which is just an array of characters, to suddenly be
    converted into some sort of "magical code" that can suddenly wreak
    havoc.

    In any programming I've done where you can write outside of the bounds
    of the buffer (char array), you get UNDEFINED behavior, not some magical
    power. Even the C and C++ specs state this.

    Can someone please explain to me where this comes from. One example I
    just read was an IE6 exploit where using a url that's too logn and
    contains "unusual" characters can allow a "hacker to run code on the
    system." Again, these look liek total bunk to me, as a URL is just text,
    and writting past the bound of the buffer just isn't going to give soem
    REMOTE hacker the ability to suddenly jump into your system, or some put
    code in there.

    Can anyone pelase clear this up? If I'm missing something here please
    let me know.
     
    Eckstein C., Dec 6, 2005
    #1
    1. Advertisements

  2. message One example I
    Pharming is a particularly nasty threat that uses email viruses and
    security loopholes in browsers and Internet infrastructure to redirect
    web users to specially created web sites where bank and credit card
    details can be harvested. Pharming can operate locally, on a PC
    infected by a virus, so that even though the correct web address is
    entered the victim ends up on the scammer’s web site.

    Alternatively it can affect whole groups of users thanks to Domain
    Name System ‘Poisoning’. In this scenario the scammer hacks into a
    DNS Directory and changes entries so that legitimate requests for a
    bank or credit card company web page are misdirected to bogus web
    sites. DNS poisoning can be hard to detect but the tell-tale signs of
    a ‘spoofed’ web address in the Address bar and the Status bar at the
    bottom of the page, which may contain unusual spellings or punctuation
    marks.
     
    Boscoe Pertwee, Dec 6, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.