A buffer overflow attack occurs when a programming flaw allows an attacker to disrupt the integrity of a computer by sending an email message.
When a program or process attempts to hold more data than intended in one buffer, contiguous memory space is overwritten and corrupted.
There are two main types of buffer overflow attacks: stack-based -- the most common -- and heap-based. In a stack-based buffer overflow attack, the misused program uses a memory object (stack) to store user input. After overflowing the buffer with an executable command, the attacker specifies a return address that points to the malignant command. Since the stack is overflowed, the program partially crashes and attempts to recover by going to the return address -- which has been changed to point to the hacker's specified command. A heap-based attack deluges the memory program space. Such an attack is more difficult to execute, making them less common.
Did you figure out how to detect a buffer overflow attack in your network? Check out what happens when a third party gets involved in a man-in-the-middle attack.
Text by Sharon Zaharoff, the associate site editor for SearchExchange.