[WEB SECURITY] Buffer overflows attacks and form fields.

Schmidt, Albert E AES at ola.state.md.us
Thu Dec 8 10:25:39 EST 2005


I am attempting to document that form fields are not necessary for an
attacker to cause a buffer overflow attack.  It is my belief that a
proxy can be used to insert information in the packets sent to the web
server to perform a buffer overflow attack when navigating a website.
Does anybody have any thoughts on this subject?

---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list