Buffer Overflow Causes Quiz. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Quiz: Buffer Overflow Causes Author:


1 Buffer Overflow Causes Quiz. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu
Quiz: Buffer Overflow Causes
Author: Jedidiah R. Crandall, crandaj@erau.edu
This document was funded by the National Science Foundation Federal Cyber Service Scholarship For Service Program: Grant No. 0113627
Distributed July 2002
Embry-Riddle Aeronautical University, Prescott, Arizona USA
3 Questions, Answers follow the “About” page.

2
1. Which of these are a security problem?
A. Stack smashing
B. Heap-based attacks
C. Data corruption
D. Program crashes
E. Core dumps

3
2. Which of these statements is true?
A. It’s always the size of the input and not the input itself that causes a buffer overflow
B. Many buffer overflows are caused by blatantly careless programmer errors
C. Even very careful and very skilled programmers can produce software with buffer overflows
D. All of the subroutines included in the Standard C Library will do bounds checking for you

4
3. Which of these statements is true about a 50 byte buffer in C?
A. It will hold 50 ASCII characters (other than the NULL at the end)
B. It will hold 100 UNICODE characters
C. The last ASCII character (other than NULL) is indexed with the number 98
D. The last ASCII character (other than NULL) is indexed with the number 99
E. The last ASCII character (other than NULL) is indexed with the number 100

5
About this Project
1. This presentation is part of a larger package of materials on buffer overflow vulnerabilities, defenses, and software practices. For more information, go to: http://nsfsecurity.pr.erau.edu
2. Also available are:
– Demonstrations of how buffer overflows occur (Java applets)
– PowerPoint lecture-style presentations on an introduction to buffer overflows, preventing buffer overflows (for C programmers), and a case study of Code Red
– Checklists and Points to Remember for C Programmers
– An interactive module and quiz set with alternative paths for journalists/analysts and IT managers as well as programmers and testers
– A scavenger hunt on implications of the buffer overflow vulnerability
3. Please complete a feedback form at http://nsfsecurity.pr.erau.edu/feedback.html to tell us how you used this material and to offer suggestions for improvements.

6
Answers
1. A,B,C,D,E
2. B,C
3. C

