“Buffer overflows have been the most common form of computer
security vulnerability exploited by intruders for the past 10
years, according to a recent report published by the Oregon
Graduate Institute of Science & Technology (OGI) and funded in
part by the Defense Advanced Research Projects Agency (DARPA).”
“Linux distributors Red Hat, Inc., Linux-Mandrake,
Turobolinux and Debian GNU/Linux are working with Bell Labs to
incorporate Lucent Libsafe into their software releases. The
Linux computer operating system contains an “open” source code that
anyone is free to modify. Modeled on Bell Labs’ Unix software,
Linux has been gaining popularity for server and desktop computers
over the last few years.”
“A buffer is a region of computer memory that application
programs use to temporarily store information. Programs that write
information to buffers without properly checking the size of the
buffers are potentially vulnerable to security attacks. Such
attacks cause an inordinately large amount of data to be written,
overwriting the memory immediately following the buffer region. The
overflow injects additional code into an application program and
then hijacks control of that program to execute the injected code.
Lucent’s Libsafe software intercepts and monitors the use of
vulnerable standard functions and prevents buffer overflow
hijackings.”