Q. How can a simple bug in a software product put a system in jeopardy?

View solution

Q. What is a vulnerability?

View solution

Q. How do vulnerabilities typically start?

View solution

Q. What is the basic idea behind exploiting a vulnerability?

View solution

Q. What is the easiest objective when exploiting a vulnerability?

View solution

Q. What level of sophistication is required to take control of a program?

View solution

Q. How can vulnerabilities put entire networks at risk?

View solution

Q. What are stack overflows?

View solution

Q. Which programming languages are particularly susceptible to stack overflow vulnerabilities?

View solution

Q. How are stack overflow vulnerabilities created?

View solution

Q. Why do stack variables always have a fixed size?

View solution

Q. What can happen if a program neglects to verify that received data fits into the stack buffer before copying it?

View solution

Q. What are stack overflows and why are they popular?

View solution

Q. How can a simple stack overflow vulnerability be created?

View solution

Q. What can happen when a buffer of an unknown size is copied over into a limited-sized stack buffer?

View solution

Q. What can be overwritten if the copied buffer is long enough in a function that defines the following local variables: int counter; char string[8]; float number;?

View solution

Q. What happens if the copied buffer overwrites the function’s return address?

View solution

Q. What is a simple way to create a stack overflow vulnerability?

View solution

Q. What happens when a buffer of an unknown size is copied over into a limited-sized stack buffer?

View solution

Q. What is the most likely candidate to be stored in registers instead of the stack?

View solution