Buffer Overflow Attack

A Buffer Overflow Attack is an attack that abuses a type of bug called a 'buffer overflow', in which a program overwrites memory adjacent to a buffer that should not have been modified intentionally or unintentionally.  Buffer overflows are commonly associated with C-based languages, which do not perform any kind of array bounds checking. As a result, operations such as copying a string from one buffer to another can result in the memory adjacent to the new (shorter) buffer to be overwritten with excess data.

When a buffer overflow occurs in a program, it will often crash or become unstable.  An attacker attempting to abuse a buffer overflow for a more specific purpose other than crashing the target system, can purposely overwrite important values in the call stack of the target machine such as the instruction pointer (IP) or base pointer (BP) in order to execute his or her potentially malicious unsigned code.  Operating system and software vendors often employ countermeasures in their products to prevent Buffer Overflow Attacks; particularly call stack and virtual memory randomization.  Given the existence of such protective measures, Buffer Overflow Attacks have been rendered more difficult, although still possible to carry out.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center