Can you name the DefenseExploitsandVuner?

hints
what comes ___ the buffer being overflowed determines what can be attacked
in this attack, the attacker can alter the last byte of the saved EBP. thus when the vulnerable function returns, the calling function will now have a bogus stack frame
A __ ____ vulnerability occurs when a security decision is based on a URL and not all of the URL representations are taken into account
URL encoding and canonicalization is an input validation failure (a __ generation exploit)
you can overflow a buffer when the ___ ___ aren't checked at _______-
ultimately, this heap buffer overflow worm ran its own shellcode on the server system, with Apache privileges, when Apache executed a call to free()
Off by one overflows, heap overflows, file pointer & function pointer overwriting: all examples of
the two input validation failures that are most important in the internet age:
%C0%AF can be used to represent what in UTF-8 charset encoding
____ is the most common exploit. they're easy to guard against yet remain the most common code vulnerability
the 2002 worm known as ____ or ___ was a very complex attack on heap buffer overflow vulnerabilities within the Apache web server
an attack that was designed to target a known vulnerability is a(n) ______ of that vulnerability
input validation failures are examples of ___ generation exploits
Szor classifies vulnerabilities and exploits by ____
The first generation in classifying vulnerabilities is:
The C language starts array indices at zero, which is not always intuitive for beginning programmers. Leads to the ____ attack
in a ___ generation attack, an attacker can underflow the heap memory allocated and overwrite the control block
Before the patches to detect character encoding/canonicalization, the ___ worm used it to backpack into the root directory and use the cmd.exe to copy itself over the web to the se
format string attacks, mem/heap management attacks, etc. all examples of:
This is often used to refer only to vulnerable code in an OS or applications
Nestea IP frame, linux fileutils 'ls' command, and middleman printer proxy server linux attacks are examples of ____ vulnerability attack
function pointer overwriting is an example of a _ generation exploit in which overflowing the buffer overwrites the function pointer
more generally, a ____ is whatever weakness in an overall system makes it open to attack.
___ converts URLs into a standard form
In a ___ attack, the virus writer knows that the ret address is on the stack frame at a known offset after last local variable on frame. ret address can be changed to cause a ret to
format string attacks are examples of ___ generation exploits