Buffer overflow attacks

U2R unauthorized access to local superuser (root) privileges, e.g. various buffer overflow attacks Probing surveillance and other probing, e.g. port scanning. 

Bouffard et al. described in [13], two methods to change the control flow graph of a Java Card. The first one is Eman 2, which provides a way to change the return address of the current function. This information is stored in the Java Card stack header. Once the malicious function exits during the correct execution, the program counter returns to the instruction which addresses it. The address of the jpg is also stored in the Java Card Stack header. An overflow attack success to change the return address by the address of the malicious byte code. Since there is no runtime check on the parameter, it allows a standard buffer overflow attack to modify the frame header. 

Information exchange processes in a communication infrastructure can be modeled as transactions that have to fulfill the ACID properties. If a transaction does not properly proceed and finish, the ACID properties provide a direct categorization of the related anomaly. Based on this categorization, appropriate and effective countermeasures can be applied. A direct violation of the atomicity property, for example, corresponds to a denial-of-service attack, as the transaction is not completed and therefore the requested service is not provided. A buffer overflow represents a violation of consistency, and a race condition a violation of isolation. Other attacks can be classified accordingly. The corresponding anomalies can be detected by comparing protocol and process runs with the given specifications, which are represented by extended finite state machines. 

Common protocol attacks Although a wide variety of security implications and vulnerahilities have been identified with OPC services and standards, OPC standards and application programming interfaces are common in control system environments. OPC vulnerabilities could be simple system enumeration and password vulnerability or they could be more complex like remote registry tampering and buffer overflow flaws, etc. These could result in threats to lACS. The installation of undetected malware, DoS attacks, escalated privileges on a host, and/or even the accidental shutdown of LACS are vulnerabilities for which solutions are available but these are not always very successful. 

There are four mechanisms for transmitting a Trojan horse to your computer. The first, buffer overflow, generally exploits weaknesses in the mail system.To exploit this hole requires a level of expertise that excludes all but a very few crackers. Your risk of being subject to this form of attack is small. A variant of this attack does not load a Trojan horse but, instead, endeavors to crash the machine. This denial of service (DOS) attack is much less sophisticated, and sample scripts are in the hands of the script kiddies. The second mechanism is to implant a cookie in your cookie file. This can be done by any web site you connect to.The third method is to e-mail you a file that executes either a Visual Basic or a Java script. It can also be an attached Java applet.)... 

---