CAPEC-CAPEC-9 - CERT CVE

Naziv	Buffer Overflow in Local Command-Line Utilities
Sažetak	This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Preduvjeti	The target host exposes a command-line utility to the user.\|The command-line utility exposed by the target host has a buffer overflow vulnerability that can be exploited.
Rješenja	["Carefully review the service's implementation before making it available to user. For instance you can use manual or automated code review to uncover vulnerabilities such as buffer overflow.", 'Use a language or compiler that performs automatic bounds checking.', 'Use an abstraction library to abstract away risky APIs. Not a complete solution.', 'Compiler-based canary mechanisms such as StackGuard, ProPolice and the Microsoft Visual Studio /GS flag. Unless this provides automatic bounds checking, it is not a complete solution.', 'Operational: Use OS-level preventative functionality. Not a complete solution.', 'Apply the latest patches to your user exposed services. This may not be a complete solution, especially against a zero day attack.', 'Do not unnecessarily expose services.']