In today’s webcast we had the opportunity to explore the buffer overrun attack in depth which is considered one of the worst vulnerabilities that exist.  Any code that is written in C or C++ --without proper security code reviews--on any platform is susceptible to buffer overrun.  It is becoming easier and easier to create shell code to pass as a parameter to our C or C++ code.  For example, Kevin Lam --lead author of Assessing Network Security book--showed everyone the http://metasploit.com/shellcode.html web site.

 

Go to my blog to read the rest.....