Buffer Overflow
A vulnerability where a program writes data beyond the boundaries of allocated memory, potentially allowing code execution or crashes.
A buffer overflow occurs when a program writes data to a buffer (a block of memory) and exceeds the buffer's boundary, overwriting adjacent memory. This can corrupt data, crash the program, or allow an attacker to run arbitrary code. Buffer overflows are most common in languages without memory safety guarantees, such as C and C++.
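The adjacent-memory overwrite described above, shown as an unchecked copy next to a bounds-checked one. This is an added example, not code from APVISO; the `account` struct, the function names, and the 8-byte buffer size are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8   /* constructed size for this example */

/* Hypothetical record: is_admin sits directly after the buffer in memory. */
struct account {
    char name[NAME_LEN];
    int  is_admin;
};

/* Vulnerable: strcpy() copies until the NUL terminator and never checks
 * NAME_LEN, so a longer input writes past name[] into adjacent memory
 * such as is_admin (undefined behaviour in C). */
void set_name_unsafe(struct account *a, const char *input)
{
    strcpy(a->name, input);
}

/* Hardened: reject input that does not fit, terminator included.
 * Returns 0 on success, -1 if the input was rejected (record untouched). */
int set_name_checked(struct account *a, const char *input)
{
    size_t len = strlen(input);
    if (len >= NAME_LEN)
        return -1;
    memcpy(a->name, input, len + 1);   /* +1 copies the NUL terminator */
    return 0;
}

int main(void)
{
    struct account a = { "", 0 };
    const char *too_long = "AAAAAAAAAAAA";   /* constructed: 12 bytes + NUL */

    int rc = set_name_checked(&a, too_long);
    printf("checked: rc=%d name=\"%s\" is_admin=%d\n", rc, a.name, a.is_admin);

    rc = set_name_checked(&a, "alice");
    printf("checked: rc=%d name=\"%s\" is_admin=%d\n", rc, a.name, a.is_admin);
    return 0;
}
```

The checked version fails closed: an oversized input leaves both `name` and `is_admin` unchanged instead of being silently truncated or spilling into the next field.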
There are two main types: stack-based buffer overflows, which overwrite the return address on the call stack, and heap-based overflows, which corrupt heap metadata or adjacent heap objects. Modern operating systems employ mitigations like ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention), and stack canaries, but these can sometimes be bypassed.
While less common in modern web applications (which typically use memory-safe languages), buffer overflows remain critical in native binaries, network protocols, and server software that web applications depend on.
How APVISO tests for this: APVISO's agents focus on web application layer testing, but they identify potential buffer overflow vectors in server headers, protocol implementations, and binary file parsers exposed through web interfaces. The recon agent flags underlying server software versions with known overflow vulnerabilities.