70. What is buffer overflow and why are information security policies so important?

A buffer overflow is a condition in which a program writes more data into a buffer (i.e., a region of memory used to temporarily hold data while it moves from one area to another) than that buffer can hold, so the excess spills into adjacent memory. In simpler terms, think of how an online video "buffers" enough of the stream ahead of time so that playback doesn't stop every couple of seconds to wait for more data; that held-back data sits in a buffer. Buffer overflow is a common issue in software development and often leads to what are known as buffer overflow attacks, which the Open Web Application Security Project (OWASP) describes as follows: the attacker sends data to a program, which stores it in an undersized stack buffer, resulting in the information on the call stack being overwritten, including the function's return pointer. The data thus sets the value of the return pointer so that when the function actually returns, it transfers control to the malicious code. Source: http://www.owasp.org.
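To make the mechanism above concrete, here is an added C example (written for this page, not taken from OWASP or from FLANK's materials) that places the classic unsafe copy into a fixed-size stack buffer next to a bounded, hardened version. The buffer size, the function names and the sample inputs are all constructed for illustration; the hardened function rejects over-long input instead of letting it run past the end of the buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16   /* constructed buffer size for the example */

/* Unsafe pattern: strcpy performs no bounds check, so any input longer than
   BUF_LEN - 1 bytes (plus the terminator) spills past `buf` into whatever the
   compiler placed next on the stack, which on a typical layout includes the
   saved return address the text describes. Shown only for contrast with the
   hardened version below; it must never receive untrusted input. */
void unsafe_store(const char *input) {
    char buf[BUF_LEN];
    strcpy(buf, input);            /* no length check: this is the overflow */
    printf("stored: %s\n", buf);
}

/* Hardened pattern: the copy is bounded by the destination size, the result
   is always NUL-terminated, and over-long input is rejected rather than
   silently truncated. Returns 0 on success and -1 if the input would not fit.
   memchr is used instead of strnlen so the example stays in standard C. */
int safe_store(char *dst, size_t dst_len, const char *input) {
    if (dst == NULL || dst_len == 0 || input == NULL) return -1;
    /* Look for the terminator within the first dst_len bytes only, so we
       never read further into `input` than the destination could hold. */
    const char *end = memchr(input, '\0', dst_len);
    if (end == NULL) {
        dst[0] = '\0';             /* leave a well-defined empty string */
        return -1;                 /* no terminator within dst_len: too long */
    }
    size_t n = (size_t)(end - input);
    memcpy(dst, input, n + 1);     /* n + 1 includes the terminator */
    return 0;
}

/* Wrapper around a fixed-size stack buffer, the same shape as unsafe_store.
   Returns the number of bytes stored, or -1 if the input was rejected. */
int store_into_fixed_buffer(const char *input) {
    char buf[BUF_LEN];
    if (safe_store(buf, sizeof buf, input) != 0) return -1;
    return (int)strlen(buf);
}

int main(void) {
    /* Constructed sample inputs: one that fits, one that would overflow. */
    const char *ok = "hello";
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* 40 bytes */

    unsafe_store(ok);              /* safe only because `ok` fits */
    printf("short input -> %d\n", store_into_fixed_buffer(ok));
    printf("long  input -> %d\n", store_into_fixed_buffer(too_long));
    return 0;
}
```

The difference between the two functions is the whole lesson: `safe_store` treats the destination size as the limit on what it will accept, so a 40-byte input produces a return code instead of a corrupted stack. The compiler-level protections referred to in the list below (for example building with GCC or Clang's `-fstack-protector-strong`) add a second line of defence by detecting an overwritten stack frame before the function returns, but they do not replace bounds checking in the code itself.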

Buffer Overflow Protection Measures | It Starts with Secure Software Development Coding

As for protecting against buffer overflow attacks, consider the following:

  • Conducting independent, third-party code reviews, either manual or automated (numerous tools are available).
  • Undertaking comprehensive software development training initiatives, such as yearly OWASP training.
  • Utilizing compiler-based protection tools, of which many are available.
  • Having in place a well-documented and formalized patch and security management policy, procedures and practices, along with other essential information security and software-development-specific policies and procedures (e.g., SDLC Policy, Change Management Policy).
  • Performing regular internal and external vulnerability scans, along with network layer and application layer penetration tests.

Information Security Policies | Essential for Software Development | Download Today

What organizations can do to effectively mitigate buffer overflow attacks - and many other cyber security threats - is have a comprehensive set of high-quality, in-depth operational and information security policies and procedures. FLANK, a global leader in the field of security documentation, offers the FLANK21 set of documents containing literally hundreds of professionally developed, well-written operational and information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and more.

The FLANK21 set of documents also includes numerous forms and templates for secure software development, change management, and other essential information.