Previous
Guarded Memory Move (GMM) Buffer Overflow Detection And Analysis
White Papers Buffer overflow attacks have become more and more frequent with the advent of the Internet. Many famous packages like bind, wu_ftp, apache and sendmail, just to keep the list short, have been subject of buffer overflow vulnerabilities.
[October 4, 2004, 0:00]
Buffer Overflow Flaw Found In Open Source MP3 Player
News The software vulnerability may lead to an exploit in which a specially crafted MP2 or MP3 file could cause a memory problem called a "buffer overflow" that could allow an attacker to run malicious code.
[January 12, 2005, 7:50]
Transmeta Adds Buffer-overflow Protection At Chip Level
News The "No Execute", or NX, technology is designed to help prevent a buffer overflow, a type of attack that involves overwhelming a computer's defence systems and inserting a malicious program in buffer, or temporary, memory.
[May 18, 2004, 9:00]
Understanding Buffer Overflow Attacks
White Papers One of the methods used to gain access to systems was a buffer overflow exploit of a UNIX service called finger. But the buffer overflow attack on finger replaced the server program with a UNIX command interpreter, or shell.
[October 12, 2003, 0:00]
Trend Micro Plugs Buffer Overflow Bug
News Security solutions provider Trend Micro has released a fix for buffer overflow vulnerabilities found in its home user and corporate anti-virus packages. The bug is known to allow individuals to use a controlled buffer overflow to crash the anti...
[December 12, 2002, 12:17]
VCard Security Hole Leaves Outlook Users Exposed
News The vulnerability is known as a buffer overflow, because it allows code to execute outside the program's normal perimeters. Eric Chien, chief researcher at Symantec's Antivirus Research Centre (SARC) in Europe, said virus writers rarely use buffer...
[February 26, 2001, 11:17]
Playing Silly Buffers: How Bad Programming Lets Viruses In
News One of the most prevalent types of attack on networked computers is the buffer overflow. The processor can read and write it as usual so a buffer overflow can happen, but if the compromised address tries to transfer control to within the buffer...
[January 15, 2004, 16:40]
OpenOffice Confirms Hack Attack Risk
News OpenOffice.org has confirmed a buffer overflow issue that could allow remote attacks. In an email sent to ZDNet UK sister site CNET News.com, Louis Suarez-Potts, community manager for OpenOffice, said that work on a fix for the buffer overflow...
[April 14, 2005, 12:40]
AOL: Fix For Critical IM Flaw Due This Week
News AOL acknowledged on Tuesday that its Instant Messenger client is vulnerable to a buffer-overflow attack, and promised that a fix would be available to users within days. The vulnerability is caused due to a boundary error within the handling of...
[August 10, 2004, 15:20]
Security Hole Leaves HP-UX Wide Open
News A remotely exploitable buffer overflow has been detected in HP-UX servers running the telnetd remote access daemon, which could crash the server or allow an intruder to gain root access. The buffer overflow is derived from BSD UNIX source code, and...
[October 19, 2001, 17:07]
OpenOffice Bug Hits Multiple Operating Systems
News Security experts have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice.org that could allow attackers to remotely execute code on Linux, Windows or Apple Mac-based computers. This results in the allocation of a buffer of...
[September 25, 2007, 10:00]
Yahoo Fixes Messenger Transfer Flaw
News A serious security bug in Yahoo's Instant Messenger, which could cause a buffer-overflow error and leave users' machines open to malicious code, was finally repaired on Thursday. A buffer overflow occurs when an application receives a string of...
[January 12, 2004, 11:45]
Unix/Linux Shops -- Beware Of Kerberos Hole
News The Kerberos Administration daemon (kadmind), which is used in connection with Kerberos authentication, contains a buffer overflow vulnerability in many implementations, mostly affecting Linux/Unix. CERT Advisory CA-2002-29, "Buffer Overflow in...
[November 11, 2002, 16:54]
Malicious Code Protector: A New Approach For Detecting And Blocking Buffer Over?ow Attacks
White Papers While attack countermeasures have been developed to identify a buffer overflow attack after it has emerged, current solutions are unable to identify new attacks or variations on the attack. To solve this problem Check Point developed Malicious Code...
[March 1, 2005, 23:00]
Yahoo Patches Messenger, Chat Flaws
News Yahoo on Friday issued security patches for its Yahoo Instant Messenger and Yahoo Chat clients in an effort to fix a buffer overflow vulnerability discovered in the software. A buffer overflow is a common security vulnerability in computer programs...
[June 2, 2003, 7:49]
OpenBSD 3.9 Released
News The OpenBSD project on Monday released version 3.9 of its open source operating system, which offers improvements including a new sensor framework and better buffer overflow protection. The OS has also introduced fully enabled randomised memory...
[May 3, 2006, 11:20]
Want Secure IE? Then Upgrade To XP...
Talkback So if a buffer overflow vulnerability is found in Firefox, it’s some how magically not a problem just because firefox is not integrated into windows? Unfortunately that just isn’t true, if I inject code into firefox using a buffer overflow, I can...
[October 8, 2004, 15:23]
Yahoo Answers IM Security Flaw
News The company said the security issue was related to a buffer overflow, which is a common security vulnerability in computer programs written in C and C++ that allows more information to be added to a chunk of memory than it was designed to hold.
[December 8, 2003, 9:40]
Chips To Fight Viruses
News Execution Protection by AMD, technology contained in AMD's Athlon 64 chips, prevents a buffer overflow, which is a common method used to attack computers. A buffer overflow essentially overwhelms a computer's defence systems and then inserts a...
[January 9, 2004, 7:45]
Software Tweak May Make Operating Systems Safer
News Theo de Raadt, the project leader for the group, believes that the group's latest improvements to the Unix variant, due to be released on 1 May, will make causing a buffer overflow extremely difficult, if not impossible.
[April 14, 2003, 8:43]
