Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6165 | APP3590 | SV-6165r2_rule | DCSQ-1 | High |
Description |
---|
Buffer overflow attacks occur when improperly validated input passed to an application is written past the end of the buffer allocated for it, overwriting adjacent memory. At a minimum, a buffer overflow corrupts application state and usually crashes the process, which is a denial of service. If the attacker controls the data that overwrites return addresses, function pointers, or other control data, the overflow can redirect execution, for example into a call that spawns a command shell, giving the attacker access to the underlying operating system. |
STIG | Date |
---|---|
Application Security and Development Checklist | 2014-12-22 |
Check Text ( C-3049r3_chk ) |
---|
Ask the application representative for code review or scan results covering the entire application. These can be the results of an automated code review or of a vulnerability scanning tool. See section 5.4 of the Application Security and Development STIG for additional details on code review and tools. If the results come from a manual code review, they must describe how buffer overflow vulnerabilities, and library functions prone to buffer overflows (unbounded copy and format routines), were identified during the review. 1) If scan results are provided and buffer overflow vulnerabilities are identified in the report, this is a finding. 2) If scan results are provided but do not include the scan configuration settings showing that the application was tested for buffer overflows, this is a finding. 3) If manual test results are provided and the report does not confirm the absence of buffer overflows and also describe how buffer overflows and functions vulnerable to buffer overflows were identified during the code review, this is a finding. *Note: For IPv6 capable applications, check existing libraries and fixed-size buffers to ensure they can hold the increased size of IPv6 addresses (16 bytes rather than 4 in binary form, and up to 45 characters rather than 15 in text form), since buffers sized for IPv4 addresses overflow when handed IPv6 input. |
Fix Text (F-17110r1_fix) |
---|
Modify the application to protect against buffer overflow vulnerabilities: validate input length before copying, replace unbounded copy and format functions with bounded equivalents, and size buffers for the largest input the application accepts. |
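The following is an added example illustrating the Description and the IPv6 note in the Check Text; it is not part of the STIG and the function names (`addr_copy_unsafe`, `addr_copy_safe`) and sample addresses are constructed for illustration. It shows a buffer sized for IPv4 text (`INET_ADDRSTRLEN`, 16 bytes) being filled with an unbounded `strcpy`, which overflows by 24 bytes when a 39-character IPv6 literal arrives, alongside a hardened copy that validates the input with `inet_pton` and refuses anything that will not fit, including its terminator, in the destination.

```c
/* Added example, not STIG text: IPv4-sized address buffer, the unbounded
 * copy that overflows it on IPv6 input, and a bounded, validated replacement.
 * Function names and sample addresses below are hypothetical/constructed. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>   /* inet_pton, INET_ADDRSTRLEN (16), INET6_ADDRSTRLEN (46) */

/* Legacy buffer sized only for dotted-quad IPv4 text plus the NUL terminator. */
#define ADDR4_BUF INET_ADDRSTRLEN

/* VULNERABLE: strcpy writes strlen(src)+1 bytes regardless of the size of dst.
 * A 39-character IPv6 address into a 16-byte stack buffer overruns it by 24
 * bytes, smashing whatever follows (saved registers, return address).
 * Shown for contrast only; it is never called with oversized input here. */
void addr_copy_unsafe(char dst[ADDR4_BUF], const char *src)
{
    strcpy(dst, src);    /* no bound check: classic stack overflow */
}

/* HARDENED: validate that src is a well-formed IPv4 or IPv6 literal, then
 * copy only if it fits in dst together with the terminator.
 * Returns 0 on success, -1 if src is invalid or too long for dst. */
int addr_copy_safe(char *dst, size_t dstlen, const char *src)
{
    unsigned char raw[16];   /* large enough for a binary IPv6 address */
    size_t n;

    if (dst == NULL || src == NULL || dstlen == 0)
        return -1;
    /* Reject anything that is not an address; this also restricts the accepted
     * alphabet to hex digits, '.' and ':' and so bounds the length implicitly. */
    if (inet_pton(AF_INET, src, raw) != 1 && inet_pton(AF_INET6, src, raw) != 1)
        return -1;
    n = strnlen(src, INET6_ADDRSTRLEN);
    if (n >= dstlen)         /* need room for n characters plus the NUL */
        return -1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

int main(void)
{
    char buf4[ADDR4_BUF];            /* 16 bytes: IPv4 text only */
    char buf6[INET6_ADDRSTRLEN];     /* 46 bytes: any textual address */
    const char *v4 = "192.0.2.10";                               /* constructed sample */
    const char *v6 = "2001:db8:85a3:0000:0000:8a2e:0370:7334";   /* 39 characters */

    printf("IPv4 into 16-byte buffer: %d\n", addr_copy_safe(buf4, sizeof buf4, v4));
    printf("IPv6 into 16-byte buffer: %d (rejected instead of overflowing)\n",
           addr_copy_safe(buf4, sizeof buf4, v6));
    printf("IPv6 into 46-byte buffer: %d\n", addr_copy_safe(buf6, sizeof buf6, v6));
    return 0;
}
```

The hardened version fails closed: an address that does not fit is rejected with an error code rather than truncated, so the caller cannot silently store a corrupted address. Sizing the destination with `INET6_ADDRSTRLEN` and passing `sizeof` rather than a hard-coded constant is the practical fix the Check Text's IPv6 note is asking reviewers to look for.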