1. Off-by-One Overflows


Watch the OWASP WebGoat: Buffer Overflows solution video [View | Download]

Description: Version 5.4 introduced a nice Off-by-One Buffer Overflow vulnerability drill. Although they are rarer, buffer overflow vulnerabilities on the web occur when a tier of the application has insufficient memory allocated to deal with the data submitted by the user. Typically, such a tier would be written in C or a similar language. For the particular subset of off-by-one overflows, this lesson focuses on the consequences of being able to overwrite the position of the trailing null byte. Because no null byte is found, further information is returned to the user. As of writing, this lesson has not been developed yet by WebGoat authors.
Size: N/A 
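
The effect described above, as an added example that is not part of WebGoat or the original post: a fixed-size name field whose length check is off by one, so an 8-character input fills the slot reserved for the trailing null byte and the reply runs on into the neighbouring data. The struct layout, the function names and the "internal-token" value are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8    /* 7 characters plus the trailing null byte */
#define ADJ_LEN  16

/* One flat array models two neighbouring fields, so the over-read stays
 * inside a single object: [0..7] name, [8..23] adjacent data. */
struct record { char mem[NAME_LEN + ADJ_LEN]; };

static void record_init(struct record *r) {
    memset(r->mem, 0, sizeof r->mem);
    strcpy(r->mem + NAME_LEN, "internal-token");  /* constructed value */
}

/* Flawed check: n == NAME_LEN is accepted, so the last input byte lands
 * in the slot that should hold the terminator. */
static int set_name_flawed(struct record *r, const char *in) {
    size_t n = strlen(in);
    if (n > NAME_LEN) return -1;   /* off by one */
    memset(r->mem, 0, NAME_LEN);
    memcpy(r->mem, in, n);
    return 0;
}

/* Corrected check: always leaves room for the terminator. */
static int set_name_fixed(struct record *r, const char *in) {
    size_t n = strlen(in);
    if (n >= NAME_LEN) return -1;
    memset(r->mem, 0, NAME_LEN);
    memcpy(r->mem, in, n);
    return 0;
}

/* Number of bytes a "%s"-style reply would send back for the name. */
static size_t reply_len(const struct record *r) { return strlen(r->mem); }

int main(void) {
    struct record r;
    record_init(&r);
    set_name_flawed(&r, "AAAAAAAA");
    printf("flawed: %zu bytes: %s\n", reply_len(&r), r.mem);
    record_init(&r);
    if (set_name_fixed(&r, "AAAAAAAA") != 0)
        printf("fixed: 8-character input rejected\n");
    return 0;
}
```

With the flawed check the reply is 22 bytes long instead of at most 7, because the string only ends at the null byte that terminates the adjacent field.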


오픈이지 제로킴

Secure coding training/consulting expert group
