You are here: silicon.com > Resources > White Papers > Software and Web Development > Software Development Tools > Programming Languages

Programming Languages White Papers

Steps Involved in Exploiting a Buffer Overflow Vulnerability Using a SEH Handler

Tags:
programming languages

Overview This paper uses buffer overflow vulnerability in an application to overwrite the SEH handler. This paper will outline all the steps necessary to exploit such vulnerability, from detecting the point of buffer overflow in the application, to writing an exploit. The exploit uses an Activex control (XXXXX.dll) having buffer overflow vulnerability as a sample application, using this they can test out remote buffer overflow exploit. The only tools they need here are COMRaider, a Debugger, VC++ 6 IDE; COMRaider is fuzzer tool for fuzzing interfaces of the Activex components in the application, the debugger to find the actual location of the overflow and VC++ to write the exploit code.

Further White Paper Details
Publisher	Honeywell	File Format	PDF
Date Published	March 2009
Format	White Papers
Topics	Programming Languages

Did you find this white paper useful?

Introducing Xomega for XML Object Modeling and Code Generation

XML-based Model Driven Development can be a simple, but very powerful alternative to the UML-based MDA and can result in significantly increased productivity, clean and robust designs and improved system...

Publisher:
Xomega.Net

Tags:
xml

Market-Leading Data-Modeling Tools: Research Report from the Burton Group

The Burton Group provides an in-depth research report on Market-Leading Data-Modeling Tools. According to their research, basic data modeling tools have become commoditized - basic features are yesterday's...

Publisher:
Sybase

Tags:
voice recognition

The Converging Paths of SQL Server and SharePoint - Don't Wait Until It's Too Late!

SharePoint and SQL server have much in common, and understanding their similarities will help you streamline your day-to-day tasks and help you work more efficiently. Do you know what those...

Publisher:
Quest Software

Tags:
multimedia

Supporting Employees Anytime, Anywhere

New business demands require a new approach to end-user support. This is leading organizations to a remote service delivery model that leverages the Web and Saas technology

Publisher:
Citrix Online

Tags:
document management

The Pursuit of a Standardized Solution for Secure Enterprise RBAC

Each RBAC implementation varies in its capabilities and method of management. In a multi-platform environment, these differences introduce higher administration hours and costs because the various RBAC models are not...

Publisher:
BeyondTrust

Tags:
infrastructure management

MSN Messenger flaw opens PCs up to hackers

Hackers can exploit the vulnerability to impose a buffer-overflow attack, according to Microsoft. Buffer-overflow vulnerabilities allow hackers to execute potentially harmful programs on a victim's computer, deleting files or crippling the system's...

Channel:
Security Strategy

New Windows virus outbreak just a matter of days

Two allow hackers to launch a buffer overflow attack. With a buffer overflow, hackers can take control of a computer and implant unwanted programs. Alfred Huger, senior director of engineering at Symantec Security Response, said: “This is...

'Critical' AOL IM flaw exposed

Secunia, which credits Ryan McGeehan with finding the vulnerability, said in a statement: "The vulnerability is caused due to a boundary error within the handling of 'Away' messages and can be exploited to cause a stack-based buffer overflow by...

Channel:
Security Strategy

Veritas flaw enables corporate attacks

The buffer overflow flaw in the Veritas software could allow an intruder to gain control of a vulnerable system. Malicious code to exploit a vulnerability in Veritas Software's Backup Exec Remote Agent for Windows is publicly available, the US...

Channel:
Security Strategy
Tags:
flaw,
veritas

Sophos' flagship product is flawed

The Abingdon, England-based company said that Sophos Anti-Virus can potentially be attacked by a buffer overflow, which knocks out a program by flooding it with data. According to the company advisory: "Although theoretically a risk, Sophos has not...

Vista flaw leaves OS open to DoS attack

Certain requests sent to the iphlpapi.dll API can cause a buffer overflow that corrupts the Vista kernel memory, resulting in a blue-screen-of-death crash. This buffer overflow could [also] be exploited to inject code, hence compromising client...

Channel:
Malware
Tags:
dos,
malware,
flaw,
os

Featured White Papers

The Value of Location Intelligence in the Communications Industry

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities and government departments make more informed decisions and derive greater value from current location-based information and data. Read this whitepaper to see how you can take advantage of location intelligence.

Publisher:
Pitney Bowes

Best Practices for Translating Customer Satisfaction into Revenue

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language. How do you quantify customer satisfaction? Download the Best Practices for Benchmarking Customer Satisfaction to get industry research the Association of Support Professionals (ASP) on how to measure and leverage customer satisfaction.

Publisher:
Citrix Online

HP print solutions and 3M

the objective for 3M was to optimize office printing infrastructure at 3Mlocations worldwide Reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print soultions, More than $3 million in savings in first two years and Per page costs reduced by up to 90 percent.