Stack-based buffer overflow vulnerabilities occur when the application code incorrectly calculates or limits the amount of data being written into data structures allocated to the stack. Successful exploitation of Stack-based Buffer Overflow vulnerabilities leads to arbitrary code execution. Most platforms provide multiple defense-in-depth measures to make buffer overflow exploitation more difficult, but these measures cannot be relied on as a complete defense. In other words, Stack-based Buffer Overflow vulnerabilities are very dangerous, and memory operations have to be performed correctly even if the platform provides some protection against exploitation.
This Skill Lab provides a virtual environment that contains a vulnerable application with its complete source code for training developers to identify and remediate Stack-based Buffer Overflow vulnerabilities.
Learning Objectives
In this lab, the learner will receive hands-on experience testing for a Stack-based Buffer Overflow vulnerability and implementing an appropriate mitigation. The typical solutions include validating the size of data being copied before writing it to a buffer and allocating sufficiently large buffers to hold data.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):