.pf{position:relative;background-color:#fff;overflow:hidden;margin:0;border:0}.pc{position:absolute;border:0;padding:0;margin:0;top:0;left:0;width:100%;height:100%;overflow:hidden;display:block;transform-origin:0 0;-ms-transform-origin:0 0;-webkit-transform-origin:0 0}.bi{position:absolute;border:0;margin:0}.t{position:absolute;white-space:pre;font-size:1px;transform-origin:0 100%;-ms-transform-origin:0 100%;-webkit-transform-origin:0 100%;unicode-bidi:bidi-override;-moz-font-feature-settings:"liga" 0}.t:after{content:''}.t:before{content:'';display:inline-block}.t span{position:relative;unicode-bidi:bidi-override}._{display:inline-block;color:transparent;z-index:-1}.pi{display:none}@media screen{.pf{margin:13px auto;box-shadow:1px 1px 3px 1px #333;border-collapse:separate}}.ff1{font-family:ff1;line-height:.938965;font-style:normal;font-weight:400;visibility:visible}.ff2{font-family:ff2;line-height:.666504;font-style:normal;font-weight:400;visibility:visible}.ff3{font-family:ff3;line-height:.938477;font-style:normal;font-weight:400;visibility:visible}.ff4{font-family:ff4;line-height:.938477;font-style:normal;font-weight:400;visibility:visible}.m1{transform:matrix(.310698,0,-.077675,.310698,0,0);-ms-transform:matrix(.310698,0,-.077675,.310698,0,0);-webkit-transform:matrix(.310698,0,-.077675,.310698,0,0)}.m0{transform:matrix(.320260,0,0,.320260,0,0);-ms-transform:matrix(.320260,0,0,.320260,0,0);-webkit-transform:matrix(.320260,0,0,.320260,0,0)}.ls0{letter-spacing:0}.sc0{text-shadow:-.015em 0 transparent,0 .015em transparent,.015em 0 transparent,0 -.015em transparent}@media screen and (-webkit-min-device-pixel-ratio:0){.sc0{-webkit-text-stroke:.015em transparent;text-shadow:none}}.ws0{word-spacing:-.048000px}.ws1{word-spacing:0}._3{margin-left:-1.382806px}._2{width:1.078132px}._1{width:43.007812px}._0{width:1354.523438px}.fc0{color:#000}.fs0{font-size:48px}.fs1{font-size:49.477268px}.y0{bottom:0}.y26{bottom:124.901553px}.y25{bottom:146.038738px}.y24{bottom:167.175924px}.y23{bottom:188.31311px}.y22{bottom:209.450296px}.y21{bottom:230.587482px}.y20{bottom:251.724668px}.y1f{bottom:272.861853px}.y1e{bottom:293.999039px}.y1d{bottom:315.136225px}.y1c{bottom:336.273411px}.y1b{bottom:357.410597px}.y1a{bottom:378.547783px}.y19{bottom:399.684968px}.y18{bottom:420.822154px}.y17{bottom:441.95934px}.y16{bottom:463.096526px}.y15{bottom:484.233712px}.y14{bottom:505.370897px}.y13{bottom:526.508083px}.y12{bottom:547.645269px}.y11{bottom:568.782455px}.y10{bottom:589.919641px}.yf{bottom:611.056827px}.ye{bottom:632.194012px}.yd{bottom:653.331198px}.yc{bottom:674.468384px}.yb{bottom:695.605570px}.ya{bottom:716.742756px}.y9{bottom:737.879942px}.y8{bottom:759.017127px}.y7{bottom:780.154313px}.y6{bottom:801.291499px}.y5{bottom:822.428685px}.y4{bottom:843.565871px}.y3{bottom:864.703057px}.y2{bottom:885.840242px}.y1{bottom:906.977428px}.h3{height:32.976792px}.h2{height:34.945313px}.h1{height:34.96875px}.h0{height:1014.58492px}.w0{width:783.997438px}.x0{left:0}.x1{left:92.234993px}.x2{left:115.293741px}.x3{left:138.352489px}.x4{left:161.411237px}.x5{left:184.469985px}.x6{left:195.864254px}.x7{left:370.726428px}

CSCI 4531 Lecture Notes - Lecture 12: Stack Overflow, Microsoft Sql Server, Sql Slammer

12/06/2016 - chapter 10: buffer overflow &amp; chapter 11: software security. A brief history of some buffer overflow attacks. 1988: the morris internet worm uses a buffer overflow exploit in fingerd as one of its attack mechanisms. 1995: a buffer overflow in ncsa httpd 1. 3 was discovered and published on the. 1996: aleph one published smashing the stack for fun and profit in phrack magazine, giving a step by step introduction to exploiting stack-based buffer overflow vulnerabilities. 2001: the code red worm exploits a buffer overflow in microsoft iis 5. 0. 2003: the slammer worm exploits a buffer overflow in microsoft sql server. 2004: the sasser worm exploits a buffer overflow in microsoft windows 2000 / First widely used by morris worm in 1988. Legacy of buggy code in widely deployed operating systems and applications. A buffer overflow, also known as a buffer overrun, is defined in the nist glossary as follows: of key information security terms.

CSCI 4531 Lecture Notes - Lecture 12: Stack Overflow, Microsoft Sql Server, Sql Slammer

Document Summary

Get access