Skip to main content
SolarWinds MSP
  • Login
  • Support
SolarWinds MSP
  • Products
    • Remote Monitoring & Management Protect your customers with a platform from the global leader in monitoring and management.
    • Backup & Recovery Manage backup for servers, workstations, applications, and business documents from one cloud-based dashboard.
    • Mail Protection & Archiving Protect users from email threats and downtime.
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Threat Monitoring Detect, respond to, and report on threats across your managed networks.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking to...

    I'm looking for...

    • Manage my MSP Business More Efficiently
    • Manage my IT Department More Efficiently
    • Layered Security
    • Data-Driven Insights
    • Cross-Platform Support
  • Resources

    Webinars & Events

    Resource Center

    • Ask the N-Central Experts
    • Daily Live Demos
    • Backup Foundations Training
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webinars
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute
    • MSP Advice Project
  • About
    • Contact
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • Blog
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Filter Blogs
  • Filter by:
  • MSP Business
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • Tips & Advice
    • Training
Home Blog MSP Business Security Buffer Overflow Vulnerabilities and Prevention 
Security

Buffer Overflow Vulnerabilities and Prevention 

By SolarWinds MSP
5 July, 2019

A buffer overflow is a coding vulnerability that can allow cyberattackers to crash or even hijack a target system. To protect their customers against these tactics, managed services providers (MSPs) must understand how these vulnerabilities are created, how buffer overruns can be exploited, and what can be done to protect computer systems.

How does a buffer overflow attack work? 

A buffer overflow attack takes place when hackers exploit a buffer overflow vulnerability to overwrite memory. Typically, a buffer overflow occurs when data input exceeds the size of a buffer and overwrites memory in the adjacent buffer. 

Buffers are sequential memory partitions set aside for storage or moving data within a program. However, they can only store an allotted amount of data, and programs without bounds checking run the risk of writing data that exceeds the storage capacity of a given buffer into that space. This bug can lead to system errors on its own, but a deliberate attack can result in the loss of important data, system downtime, or the execution of malicious code. 

Although many programs have buffer overflow vulnerabilities, they are not equally susceptible to attack. C and C++ specifically lack language protections against buffer overflow and allow direct memory access, making programs written in these code languages more open to the threat of buffer overrun exploitation. 

Is buffer overflow a DoS attack? 

A buffer overflow attack is one form of a denial of service (DoS) attack [https://www.solarwindsmsp.com/blog/unified-threat-management-overview], in which hackers crash a machine or entire network by flooding it with traffic or feeding it information that causes it to shut down. A buffer overflow attack intentionally corrupts system memory, thereby denying machine or network users’ service through crashing the system. However, the ramifications of a DoS buffer overflow attack go beyond a system shutdown. 

In the worst cases, a buffer overflow overwrites data with instructions that prompt the program to run arbitrary code, an action that could give cyberattackers full access to the system. This would allow them to steal confidential data, manipulate protected information, and restrict access from system owners. 

CTA Image

Advanced Threat Detection and Monitoring

Request an Interactive Demo of SolarWinds Threat Monitor today.

Learn More

When did buffer overflow attacks start? 

The first buffer overflow attack occurred in November of 1988 with catastrophic effects. Known as “The Morris Worm,” [https://www.fbi.gov/news/stories/morris-worm-30-years-since-first-major-attack-on-internet-110218] the rogue program crashed 10% of all computers with internet connectivity in a single day. 

While it didn’t damage or eliminate system data, the worm was massively impactful in terms of its effects on cybersecurity awareness. Delaying military and university operations for several days to a week, the worm incurred damages that experts estimated to be between hundreds of thousands to millions of dollars, highlighting both the nation’s reliance on computer systems and the widespread inadequacy of cybersecurity measures at the time.  

Are buffer overflows still relevant? 

Mainstream programming practices have evolved to develop operating systems, software, and programs with built-in overflow protections. These protections include coding in an automatically protected language or using techniques that give greater attention to vulnerabilities. For example, address space randomization shuffles the locations of data areas to make buffer overflow attacks more difficult, thus undermining the propagation of worms by requiring individualized exploitation. Many programs also utilize canary values, which occupy unused buffers. When the canary value has been overwritten, the program recognizes that it cannot verify the canary value and subsequently terminates or takes another action before an attack can take place. 

Still, these protections can guard buffer overflow vulnerabilities but cannot eliminate the threat. It is in the best interest of MSPs, then, that they understand how these attacks occur and what tools they can use to prevent them [https://www.solarwindsmsp.com/blog/security-why-does-a-business-need-a-third-party-email-security-offering]. 

What is buffer overflow prevention?  

Buffer overflow prevention can come in the form of better coding practices and security software implementation. While checking for bugs and opting for automatic language protection is helpful as a first step, the majority of programs are at risk of costly buffer overflow attacks and require a second line of defense. 

SolarWinds® Remote Monitoring & Management (RMM) software was tailored to meet the needs of MSPs protecting their customers’ networks from afar [https://www.solarwindsmsp.com/products/rmm]. With data-breach risk intelligence, backup and recovery, and managed antivirus capabilities, the RMM dashboard gives MSPs a holistic view of network health while alerting them to—and guarding against—security threats like DoS attacks. 

Though cybersecurity risks are constantly evolving, buffer overflow attacks have been a severe DoS threat for the last thirty years and MSPs should know what program vulnerabilities make them possible. 

 

Ensure you're always protected from breaches by reading through our blog for other common IT threats.

 

Additional reading

A brief history of DDoS… and how to defend yourself and your customers
Unified Threat Management Overview
Why SMBs Need to Get Wise to the New Threat Landscape

You might also like...

Security

Understanding DNS Cache 
Security

Stateful vs. Stateless Firewall Differences
Security

How Does Rootkit Work?
Security

MSP System Breaches—Be Prepared! Here’s How…
Security

Endpoint Detection and Response: Modern Weapons Against the Cybercriminals
Security

Panic at the Pier, Part 2: The Swap

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts

  • When Should You Consider a Merger or Partnership?
  • What’s the Difference Between OneDrive and SharePoint
  • Why Email Security Is a Core Part of Cyberhygiene
  • Stateful vs. Stateless Firewall Differences
  • Client First Visit Checklist—7 Things to Do When Onboarding a New Customer

Categories:

  • Business Growth (410)
  • Tips & Advice (333)
  • Security (308)
  • Managed Services (301)
  • Best Practices (247)
  • Business (213)
  • Cybersecurity (194)
  • Backup & Disaster Recovery (111)
  • IT Support (102)
  • ITSM (74)
  • Data (63)
  • Product (63)
  • Cloud Computing (57)
  • Marketing (53)
  • Mail (50)
  • Networking (32)
  • Risk Intelligence (31)
  • Customer Service (29)
  • Remote Management (27)
  • GDPR (17)
  • Services & Support (16)
  • Service Desk (15)
  • Research & Trends (14)
  • Business Risk (12)
  • Operations (11)
  • PSA (11)
  • Internet of Things (10)
  • Mobile (9)
  • Training (9)
  • Security-series (8)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.

Products

  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Threat Monitor

Solutions

  • How We Help MSPs
  • How We Help IT Departments
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights

About

  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Privacy
  • Legal
  • Security
  • Subscription Preferences
  • SolarWinds

Support

  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • MSP Manager
  • Solarwinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Sitemap
  • Service Status