What is Vulnerability?
A buffer overflow happens when a software program stores too much information in reserved block of memory. Typically a program will overwrite other memory blocks, resulting in a crash, errors, or even make the software vulnerable to security problems.
Most buffer overflow attacks abuse this type of weakness to overwrite parts of the memory and store code of the attacker. By using memory jumps, the attacker tries to get the code to be executed. This may result in leaking data, create shell access, or simply crashing the system.
A weakness that can be exploited.
- Arachni (web application scanner)
- arch-audit (detection of vulnerable packages on Arch Linux)
- Glastopf (honeypot)
- Lynis (audit tool and security scanner)
- Nikto (web application scanner)
- OpenVAS (vulnerability scanner)
- Pompem (find exploits)
- SearchSploit (exploit search tool)
- Seccubus (automation of vulnerability scanning)
- vFeed (vulnerability database and query engine)
- vulnerability-alerter (retrieve vulnerability data from NIST)
- Vulnreport (security review and reporting platform)
- WPScan (WordPress vulnerability scanner)