Can you name the DefenseExploitsandVuner?

the 2002 worm known as ____ or ___ was a very complex attack on heap buffer overflow vulnerabilities within the Apache web server
The C language starts array indices at zero, which is not always intuitive for beginning programmers. This leads to the ____ attack
function pointer overwriting is an example of a _ generation exploit in which overflowing the buffer overwrites the function pointer
This is often used to refer only to vulnerable code in an OS or applications
Szor classifies vulnerabilities and exploits by ____
format string attacks are examples of ___ generation exploits
___ converts URLs into a standard form
what comes ___ the buffer being overflowed determines what can be attacked
in a ___ generation attack, an attacker can underflow the heap memory allocated and overwrite the control block
A __ ____ vulnerability occurs when a security decision is based on a URL and not all of the URL representations are taken into account
ultimately, this heap buffer overflow worm ran its own shellcode on the server system, with Apache privileges, when Apache executed a call to free()
In a ___ attack, the virus writer knows that the ret address is on the stack frame at a known offset after the last local variable on the frame. ret address can be changed to cause a ret to
The first generation in classifying vulnerabilities is:
the two input validation failures that are most important in the internet age:
format string attacks, mem/heap management attacks, etc. are all examples of:
you can overflow a buffer when the ___ ___ aren't checked at _______
Before the patches to detect character encoding/canonicalization, the ___ worm used it to backpack into the root directory and use the cmd.exe to copy itself over the web to the se
an attack that was designed to target a known vulnerability is a(n) ______ of that vulnerability
Nestea IP frame, linux fileutils 'ls' command, and middleman printer proxy server linux attacks are examples of ____ vulnerability attack
more generally, a ____ is whatever weakness in an overall system makes it open to attack.
URL encoding and canonicalization is an input validation failure (a __ generation exploit)
____ is the most common exploit. they're easy to guard against yet remain the most common code vulnerability
Off by one overflows, heap overflows, file pointer & function pointer overwriting: all examples of
%C0%AF can be used to represent what in UTF-8 charset encoding
in this attack, the attacker can alter the last byte of the saved EBP. thus when the vulnerable function returns, the calling function will now have a bogus stack frame
input validation failures are examples of ___ generation exploits

Created Apr 28, 2011
