In today’s webcast we had the opportunity to explore the buffer overrun attack in depth which is considered one of the worst vulnerabilities that exist. Any code that is written in C or C++ –without proper security code reviews–on any platform is susceptible to buffer overrun. It is becoming easier and easier to create shell code to pass as a parameter to our C or C++ code. For example, Kevin Lam –lead author of Assessing Network Security book–showed everyone the http://metasploit.com/shellcode.html web site.
Go to my blog to read the rest…..