Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Solution Provider Program
    • Technology Alliance Program
SolarWinds MSP
  • Products
    • SolarWinds N-central Automate what you need. Tackle complex networks. Try this remote monitoring and management solution built to help maximize efficiency and scale.
    • SolarWinds RMM Start fast. Grow at your own pace. Try this powerful but simple remote monitoring and management solution.
    • Backup & Recovery Manage backup for servers, workstations, applications, and business documents from one cloud-based dashboard.
    • Mail Protection & Archiving Protect users from email threats and downtime.
    • Password Management Easily adopt and demonstrate best practice password and documentation management workflows.
      • Passportal Demo
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Threat Monitoring Detect, respond to, and report on threats across your managed networks.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking to...

    I'm looking for...

    • Identify which RMM solution is right for me
    • Drive Efficiency with Automation
    • Manage my MSP Business More Efficiently
    • Manage my IT Department More Efficiently
    • Layered Security
    • Data-Driven Insights
    • Cross-Platform Support
  • Resources

    Webcasts & Events

    Resource Center

    • Ask the N-Central Experts
    • Daily Live Demos
    • Backup Foundations Training
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webcasts
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute Webinar Series
    • MSP Advice Project
  • About
    • Contact
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • Blog
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Passportal
    • SolarWinds N-central
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business Security Buffer Overflow Vulnerabilities and Prevention 
Security

Buffer Overflow Vulnerabilities and Prevention 

By SolarWinds MSP
5 July, 2019

A buffer overflow is a coding vulnerability that can allow cyberattackers to crash or even hijack a target system. To protect their customers against these tactics, managed services providers (MSPs) must understand how these vulnerabilities are created, how buffer overruns can be exploited, and what can be done to protect computer systems.

How does a buffer overflow attack work? 

A buffer overflow attack takes place when hackers exploit a buffer overflow vulnerability to overwrite memory. Typically, a buffer overflow occurs when data input exceeds the size of a buffer and overwrites memory in the adjacent buffer. 

Buffers are sequential memory partitions set aside for storage or moving data within a program. However, they can only store an allotted amount of data, and programs without bounds checking run the risk of writing data that exceeds the storage capacity of a given buffer into that space. This bug can lead to system errors on its own, but a deliberate attack can result in the loss of important data, system downtime, or the execution of malicious code. 

Although many programs have buffer overflow vulnerabilities, they are not equally susceptible to attack. C and C++ specifically lack language protections against buffer overflow and allow direct memory access, making programs written in these code languages more open to the threat of buffer overrun exploitation. 

Is buffer overflow a DoS attack? 

A buffer overflow attack is one form of a denial of service (DoS) attack [https://www.solarwindsmsp.com/blog/unified-threat-management-overview], in which hackers crash a machine or entire network by flooding it with traffic or feeding it information that causes it to shut down. A buffer overflow attack intentionally corrupts system memory, thereby denying machine or network users’ service through crashing the system. However, the ramifications of a DoS buffer overflow attack go beyond a system shutdown. 

In the worst cases, a buffer overflow overwrites data with instructions that prompt the program to run arbitrary code, an action that could give cyberattackers full access to the system. This would allow them to steal confidential data, manipulate protected information, and restrict access from system owners. 

CTA Image

Advanced Threat Detection and Monitoring

Contact A SolarWinds Threat Monitor Solution Specialist today.

Learn More

When did buffer overflow attacks start? 

The first buffer overflow attack occurred in November of 1988 with catastrophic effects. Known as “The Morris Worm,” [https://www.fbi.gov/news/stories/morris-worm-30-years-since-first-major-attack-on-internet-110218] the rogue program crashed 10% of all computers with internet connectivity in a single day. 

While it didn’t damage or eliminate system data, the worm was massively impactful in terms of its effects on cybersecurity awareness. Delaying military and university operations for several days to a week, the worm incurred damages that experts estimated to be between hundreds of thousands to millions of dollars, highlighting both the nation’s reliance on computer systems and the widespread inadequacy of cybersecurity measures at the time.  

Are buffer overflows still relevant? 

Mainstream programming practices have evolved to develop operating systems, software, and programs with built-in overflow protections. These protections include coding in an automatically protected language or using techniques that give greater attention to vulnerabilities. For example, address space randomization shuffles the locations of data areas to make buffer overflow attacks more difficult, thus undermining the propagation of worms by requiring individualized exploitation. Many programs also utilize canary values, which occupy unused buffers. When the canary value has been overwritten, the program recognizes that it cannot verify the canary value and subsequently terminates or takes another action before an attack can take place. 

Still, these protections can guard buffer overflow vulnerabilities but cannot eliminate the threat. It is in the best interest of MSPs, then, that they understand how these attacks occur and what tools they can use to prevent them [https://www.solarwindsmsp.com/blog/security-why-does-a-business-need-a-third-party-email-security-offering]. 

What is buffer overflow prevention?  

Buffer overflow prevention can come in the form of better coding practices and security software implementation. While checking for bugs and opting for automatic language protection is helpful as a first step, the majority of programs are at risk of costly buffer overflow attacks and require a second line of defense. 

SolarWinds® Remote Monitoring & Management (RMM) software was tailored to meet the needs of MSPs protecting their customers’ networks from afar [https://www.solarwindsmsp.com/products/rmm]. With data-breach risk intelligence, backup and recovery, and managed antivirus capabilities, the RMM dashboard gives MSPs a holistic view of network health while alerting them to—and guarding against—security threats like DoS attacks. 

Though cybersecurity risks are constantly evolving, buffer overflow attacks have been a severe DoS threat for the last thirty years and MSPs should know what program vulnerabilities make them possible. 

 

Ensure you're always protected from breaches by reading through our blog for other common IT threats.

 

Additional reading

A brief history of DDoS… and how to defend yourself and your customers
Unified Threat Management Overview
Why SMBs Need to Get Wise to the New Threat Landscape

You might also like...

Security

How Does LDAP Authentication Work?
Security

Kerberos Authentication Process Explained
Security

Why MSPs’ Security Keeps Me Up at Night 
Security

Understanding Single Sign-On Authentication
Security

3 Takeaways from FireEye’s 2020 Predictions Report
Security

Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts

  • How Does LDAP Authentication Work?
  • Kerberos Authentication Process Explained
  • Why MSPs’ Security Keeps Me Up at Night 
  • Is Backup Wasting Your Time and Costing You Money?
  • Understanding Single Sign-On Authentication

Categories:

  • Business Growth (421)
  • Security (360)
  • Tips & Advice (334)
  • Managed Services (306)
  • Best Practices (246)
  • Business (214)
  • Cybersecurity (194)
  • Backup & Disaster Recovery (123)
  • IT Support (109)
  • ITSM (78)
  • Data (64)
  • Product (63)
  • Cloud Computing (61)
  • Marketing (57)
  • Mail (55)
  • Networking (36)
  • Risk Intelligence (31)
  • Customer Service (29)
  • Remote Management (28)
  • Automation (20)
  • The Head Nerds (20)
  • GDPR (17)
  • Services & Support (16)
  • Operations (16)
  • Service Desk (15)
  • Research & Trends (14)
  • PSA (12)
  • Business Risk (12)
  • Internet of Things (11)
  • Mobile (11)
  • Training (11)
  • Security-series (8)
  • Cybersecurity Awareness Month (6)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.

Products

  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Threat Monitor
  • SolarWinds Passportal

Solutions

  • How We Help MSPs
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights

About

  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Privacy
  • Legal
  • Your California Privacy Rights
  • Security
  • Subscription Preferences
  • SolarWinds

Support

  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Sitemap
  • Service Status