Skip to main content

Comodo offers free buffer overflow diagnostic utility

Comodo (opens in new tab), the New York-based IT security vendor, has released an interesting utility that tests a Windows computer network/PC system to see whether it is vulnerable to buffer overflow attacks.

Buffer overflow attacks (opens in new tab), in case you were wondering, are where the hacker chucks data at the distant PC in the hope of - quite literally - causing a data buffer to overflow and semi-crash the machine.

From there, the hacker can run his/her own code and even gain control of the entire computer.

Because they are so wide ranging, buffer overflow attacks can take several forms, including stack attacks, heap attacks and ret2libc attacks.

Of the three main categories, Ret2libc attacks (opens in new tab)are the most interesting as they are the most difficult to detect.

Typically, they start with a buffer overflow, with the return address on the stack being replaced by the address of another function in the software and the correct code element of the stack is overwritten.

To download the Comodo utility, Netters can go to the Comodo forum area here (opens in new tab)- it's worth noting that you have to register on the forum (opens in new tab)before being allowed to download, but that's no big deal IMHO.

It's also worth noting that Comodo is offering Netters the chance to download a beta test copy of its Memory Guardian software, which helps protect against buffer overflows, here... (opens in new tab)