DDoSPedia is a glossary that focuses on network and
application security terms with many distributed
definitions. It provides a central place for hard to find web-scattered
definitions on this topic.
A Buffer Overflow Attack is an attack that abuses a type of bug called a “buffer overflow”, in which a program overwrites memory adjacent to a buffer that should not have been modified intentionally or unintentionally. Buffer overflows are commonly associated with C-based languages, which do not perform any kind of array bounds checking. As a result, operations such as copying a string from one buffer to another can result in the memory adjacent to the new (shorter) buffer to be overwritten with excess data.
When a buffer overflow occurs in a program, it will often crash or become unstable. An attacker attempting to abuse a buffer overflow for a more specific purpose other than crashing the target system, can purposely overwrite important values in the call stack of the target machine such as the instruction pointer (IP) or base pointer (BP) in order to execute his or her potentially malicious unsigned code. Operating system and software vendors often employ countermeasures in their products to prevent Buffer Overflow Attacks; particularly call stack and virtual memory randomization. Given the existence of such protective measures, Buffer Overflow Attacks have been rendered more difficult, although still possible to carry out.