What can a buffer overflow do?
A malicious user can use a known buffer overflow to cause havoc to a web application or website. A buffer overflow can be used to hack into the underlying server, to gain control of a portion of the website that normal can not occur, or launch programs/commands from the stack. A buffer overflow can be used to perform a Denial of Service (DoS) attack or a Distributed Denial of Service (DDoS) attack. A buffer overflow can be used to gain unprivileged access, or learn more about the architecture of the software application or product. Basically a buffer overflow is a crack in your software application that a malicious user can use to pry open not only your software, but the server it resides on, the entire website, or even the company’s network. Buffer overflows need to be checked and tested for. Without a proper testing plan and security testing matrix, you will not know what to be prepared for.