HTTP Buffer Overflows
Gregory Alan Bolcer
gbolcer@endeavors.com
Thu, 07 Mar 2002 17:13:03 -0800
Gartner saying that HTTP buffer overflow attacks will
be very commonplace by 2005 according to John Pescatore.
I wonder how many unsuccessful buffer overflow attacks
aren't recorded. I'm sure he means *successful* buffer
overflow attacks.
Is data handling really that vulnerable?
Greg
> Key Issues
> How will network-based applications become safe for mission-critical businesses during the next five years?
> Which product approaches and practices will help enterprises achieve higher levels of data integrity?
>
> Strategic Planning Assumptions
> By 2004, 30 percent of all buffer overflow attacks will be carried over HTTP tunneling (0.6 probability).
> By 2006, more than 50 percent of successful Internet attacks will exploit application data handling vulnerabilities vs. operating system and application misconfigurations (0.7 probability).
--
Gregory Alan Bolcer, CTO | work: +1.949.833.2800 | gbolcer at endeavors.com
Endeavors Technology, Inc. | cell: +1.714.928.5476 | http://endeavors.com