片语

Kernel Buffer OverFlow内核缓沖区溢出

buffer overrunbuffer overflow缓沖区溢位

Buffer Overflow Vulnerability缓沖区溢出漏洞

Buffer-overflow Detection缓沖区溢出检测

Remote buffer overflow溢出

network buffer overflow网络缓存上溢

Buffer Overflow Attack攻击

英汉例句

• but not four months later, yet another exploitable buffer overflow was discovered that the manual audit missed.

  但是，不到四个月，又发现了另一个手动审查时遗漏的可利用的缓沖区溢位。

• so far, all our examples of buffer overflow exploits have been for unix systems.

  目前，我们举的所有利用缓沖区溢位的范例都是针对unix系统的。

• normally you can「t buffer overflow in managed code.

  通常不会在托管代码中发生缓沖溢出。

• for instance, to describe a buffer overflow attack, he asks us to imagine an office worker who follows the instructions listed in a manual without questioning them.

  例如，在描述缓沖溢出攻击时，他让我们想像一些不懂得质疑，仅仅是无条件遵循手工列出的条例的办公室工作人员。

• but the buffer overflow problem is far from ancient history.

  但是，缓沖区溢位问题并非已成古老的历史。

• the return value is always the size of the combined string if no buffer overflow occurred; this makes it really easy to detect an overflow.

  如果没有发生缓沖区溢出，返回值始终是组合字符串的长度；这使得检测缓沖区溢出真正变得容易了。

• fundamentally, all these approaches reduce the damage of a buffer overflow attack from a program-takeover attack into a denial-of-service attack.

  从根本上讲，所有这些方法都能减轻从程序接管攻击到拒绝服务攻击的缓沖区溢出攻击所带来的破坏。

• there are two main types of root exploits: buffer overflow attacks and executing scripts against a server.

  这里有两种主要的超级用户进入类型：缓沖溢出攻击和在服务器上执行脚本。

• a creative attacker can take advantage of a buffer overflow vulnerability through stack-smashing and then run arbitrary code (anything at all).

  有创造力的攻击者会透过摧毁堆叠利用缓沖区溢位的弱点，然后执行任何程式码。

• attacking using a buffer overflow can change this process and allow an attacker to execute any function they wish.

  利用缓沖区溢出进行攻击可以改变这个过程，并且允许黑客执行任何他们期望的函数。

• even if code can」t be placed on the stack, an attacker could use a buffer overflow to make a program 「return」 to an existing subroutine (such as a routine in the c library) and create an attack.

  即使不能将代码放到堆栈上，攻击者也可以利用缓沖区溢出来使程序「返回」某个现有的子例程（比如c库中的某个子例程），从而进行攻击。

• a disadvantage of these tools is that they「re imperfect -- they will miss some buffer overflow vulnerabilities, and they」ll identify 「problems」 that in fact aren「t problems.

  这些工具的一个缺点在于，它们不是完美的 ――它们会遗漏一些缓沖区溢出缺陷，并且它们会识别出一些实际上不是问题的「问题」。

• an attacker may be able to exploit a buffer overflow by changing the value of other data in the function; none of these approaches counter that.

  攻击者也许能够通过改变函数中其他数据的值来利用缓沖区溢出；没有哪种方法能够防止这点。

• in the instance of a buffer overflow attack, an internal value in a program is overflowed to alter how the program runs.

  在缓沖区溢出攻击的实例中，程序的内部值溢出，从而改变程序的运行方式。

• to understand how this works, it」s important to know that attackers often can「t insert the ascii nul character (0) using typical buffer overflow attacks.

  要理解这是如何工作的，就必须知道攻击者通常不能使用一般的缓沖区溢出攻击来插入asciinul字符（0)这个事实。

• that means any successful buffer overflow attack will give them more privileges than they previously had.

  这意味着任何成功的缓沖区溢位攻击都将使他们比原来拥有更多的特权。

• successful buffer overflow attacks can thus be said to be carrying out the ultimate in privilege escalation.

  因此，可以说在特权扩大时，成功的缓沖区溢位攻击发挥到极至。

• this makes it much harder to manipulate the return address, but it doesn」t defend against buffer overflow attacks that change the data of calling functions.

  这样使得操纵返回地址困难多了，但它不会阻止改变调用函数的数据的缓沖区溢出攻击。

• buffer overflow vulnerabilities can be prevented in c and c++ with knowledge, caution, and tools.

  借助知识、谨慎和工具，c和 c++中的缓沖区溢出缺陷是可以防止的。

• clearly, you would think by now that buffer overflow errors would be obsolete.

  很明显，至此您不会认为缓沖区溢位错误将是过时的。

• there are a number of tools that can help detect buffer overflow vulnerabilities before they're released.

  有许多工具可以在缓沖区溢出缺陷导致问题之前帮助检测它们。