You are here: silicon.com > Resources > White Papers > Software and Web Development > Internet and Web > Web Servers

Web Servers White Papers

Understanding Buffer Overflow Attacks

Overview The Internet Worm shutdown over 6,000 systems, just about cutting off all traffic on the Internet. One of the methods used to gain access to systems was a buffer overflow exploit of a UNIX service called finger. When you fingered a user, the finger service would return information about the user, for example, the user's real name and phone number. But the buffer overflow attack on finger replaced the server program with a UNIX command interpreter, or shell. This shell was then used to copy across a program that uploaded, linked, and then executed, a new copy of the Worm. Buffer overflow attacks remained relatively unheard of for many years following the Worm. One known example came in November of 1994, when one of the first commercial Webservers, running HP-UX (Hewlett-Packard UNIX), was successfully breached using a buffer overflow attack against the NCSA 1.3 Web server. As this Web server sat on the target's internal network and could be connected to through the firewall, the attackers had unfettered access to the victim's internal network. The attackers, calling themselves the Internet Liberation Front, had a field day.

Further White Paper Details
Publisher	Spirit.com	File Format	HTML
Date Published	November 1999	Downloads	3
Format	White Papers
Topics	Web Servers, UNIX, Anti-Virus, Denial of Service

Did you find this white paper useful?

Assuring Optimum Performance of Java Applications.

Publisher:
BMC Software

Tags:
j2ee

Assuring Optimum Performance of Java Applications

Publisher:
BMC Software

Modernizing IBM eServer iSeries Application Data Access - A Roadmap Cornerstone

Publisher:
IBM

i2 Transportation Manager on the IBM eServer p5 570 16-Way POWER5 With IBM DB2 Universal Database V8 and the TotalStorage DS4500 Disk Storage System

Publisher:
IBM

How to Build a Cost Effective Development Environment for Windows Server 200X

Publisher:
Enterprise Solution Providers

There's a hole in your Telnet

The administrator added: "It's the classic buffer overflow exploit for Unix. Machines running operating systems such as FreeBSD, NetBSD and OpenBSD may be compromised by a buffer overflow in the Telnet daemon - in.telnetd.

Channel:
Security Strategy

Printers are a hacker's best friend

Researchers at US security organisation Cert said a buffer overflow problem can allow an intruder to gain root access to servers and launch denial of service attacks (DOS). The attacker can launch a DOS attack via IBM-AIX, FreeBSD, NetBSD and...

Channel:
Security Strategy

New Windows virus outbreak just a matter of days

Two allow hackers to launch a buffer overflow attack. With a buffer overflow, hackers can take control of a computer and implant unwanted programs. A virus or worm that exploits newly revealed vulnerabilities in the current versions of Windows...

Veritas flaw enables corporate attacks

The buffer overflow flaw in the Veritas software could allow an intruder to gain control of a vulnerable system. Malicious code to exploit a vulnerability in Veritas Software's Backup Exec Remote Agent for Windows is publicly available, the US...

Channel:
Security Strategy
Tags:
flaw,
veritas

Windows worm holes plugged

The MSDTC buffer overflow flaw primarily affects computers running Windows 2000. The software giant said it is not aware of any attacks that exploit the flaws. Microsoft on Tuesday issued fixes for 14 flaws in Windows, including a security hole...

Microsoft warns of 'critical' Windows flaw

The latest vulnerability is a stack-based buffer overrun, Microsoft said. Microsoft said there are "limited attacks" that exploit the issue. RPC has been involved in several security bugs before, including in the vulnerability that let the Blaster...

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

Web Servers White Papers

Understanding Buffer Overflow Attacks

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific