Software Vulnerabilities by Example: A Fresh Look at the Buffer Overflow Problem - Bypassing SafeSEH
Journal of Information Assurance & Security
We demonstrate how software vulnerabilities compromise the security of a computer system. A variety of everyday applications contain vulnerabilities which may lead to arbitrary remote code execution by unauthorized users. Often, a buffer overflow, an error that arises when a computer program tries to store more data than fits in a memory region of fixed size, provides an easy point of entry. We cover both vulnerability discovery and subsequent exploitation to provide a comprehensive yet succinct overview of a computer security attack. We use a buffer overflow in the Pcounter Data Server as a running example to demonstrate how vulnerable systems are exploited. Our discussion of discovery is focused on fault injection, a common technique for identifying buffer overflows. Our exploitation method is an example of a control-flow hijacking technique specially crafted to bypass Safe Structured Exception Handling (SafeSEH) and stack canaries, both modern software protection mechanisms.
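To make the three ideas in the abstract concrete (a fixed-size buffer that receives too much data, fault injection as the way such a defect is found, and a stack canary as the protection that detects the overwrite), here is an added illustration that is not part of the paper and does not model the Pcounter Data Server. It simulates a stack frame as a raw byte array (16-byte buffer followed by an 8-byte canary with a constructed fixed value) so the overflow stays well-defined C, then drives an unchecked and a bounded copy with inputs of increasing length and reports the smallest length that corrupts the canary.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16
#define CANARY_SIZE sizeof(uint64_t)
#define FRAME_SIZE (BUF_SIZE + CANARY_SIZE)
#define CANARY_VALUE 0x5a5a5a5a5a5a5a5aULL /* constructed; real canaries are random */

/* Simulated stack frame: buffer bytes [0,16) followed by the canary bytes [16,24). */
typedef struct { unsigned char bytes[FRAME_SIZE]; } frame_t;

static void frame_init(frame_t *f) {
    uint64_t c = CANARY_VALUE;
    memset(f->bytes, 0, BUF_SIZE);
    memcpy(f->bytes + BUF_SIZE, &c, CANARY_SIZE);
}

/* Defective copy: trusts the input length, so anything past 16 bytes lands on
 * the canary. Clamped at the frame edge only to keep the demo well-defined. */
static void unchecked_copy(frame_t *f, const unsigned char *in, size_t len) {
    if (len > FRAME_SIZE) len = FRAME_SIZE;
    memcpy(f->bytes, in, len);
}

/* Corrected copy: bounds the write by the buffer size, never reaching the canary. */
static void checked_copy(frame_t *f, const unsigned char *in, size_t len) {
    if (len > BUF_SIZE) len = BUF_SIZE;
    memcpy(f->bytes, in, len);
}

/* Canary check as done in a function epilogue: 1 if intact, 0 if overwritten. */
static int canary_intact(const frame_t *f) {
    uint64_t c;
    memcpy(&c, f->bytes + BUF_SIZE, CANARY_SIZE);
    return c == CANARY_VALUE;
}

/* Fault injection: feed 'A' runs of length 1..max_len into a fresh frame and
 * return the first length that corrupts the canary, or 0 if none does. */
static size_t find_overflow_length(void (*copy)(frame_t *, const unsigned char *, size_t),
                                   size_t max_len) {
    unsigned char input[FRAME_SIZE + 1];
    memset(input, 'A', sizeof input);
    if (max_len > sizeof input) max_len = sizeof input;
    for (size_t n = 1; n <= max_len; n++) {
        frame_t f;
        frame_init(&f);
        copy(&f, input, n);
        if (!canary_intact(&f)) return n;
    }
    return 0;
}

int main(void) {
    printf("unchecked copy corrupts the canary at length %zu\n",
           find_overflow_length(unchecked_copy, FRAME_SIZE)); /* 17 */
    printf("checked copy corrupts the canary at length %zu\n",
           find_overflow_length(checked_copy, FRAME_SIZE));   /* 0 */
    return 0;
}
```

The first reported length (17) is exactly one byte past the buffer, which is the kind of boundary a fault-injection run exposes; the bounded copy never disturbs the canary, which is what the check in the epilogue relies on.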
Kimball, William B. and Perugini, Saverio, "Software Vulnerabilities by Example: A Fresh Look at the Buffer Overflow Problem - Bypassing SafeSEH" (2012). Computer Science Faculty Publications. 20.