The countermeasures to a buffer overflow are as follows:
* Perform manual auditing of the code.
* Stack execution should be disabled.
* Take the support of the functions which are not the cause of the buffer overflow.
*
* Take compiler support. For example, Java automatically checks if an array index is within the proper bounds. Use compilers such as Java instead of C to avoid buffer overflow attacks. Use tools such as StackGuard and Immunix System to avoid buffer overflows.
* Stack based overflows (direct RET overwrite) : (Tutorial Part 1) http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ * Jumping to shellcode : (Tutorial Part 2) http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/ * Stack based overflows – SEH (Tutorial Part 3)
In the pre-attack phase, there are seven steps, which have been defined by the EC-Council, as follows: 1. Information gathering 2. Determining network range 3. Identifying active machines 4. Finding
PlanetCreator has reported another critical MySQL Injection (vulnerability) on www.mymasjid.net.my This vulnerability has been alerted to :- Webmaster : [email protected] Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Securi ty_T00L System Time: ———— (UTC+08:00) Kuala Lumpur,