Format String Vulnerabilities The Impact of A Leaky Program

Tuesday, 16 Feb 2021 10:30AM EST (16 Feb 2021 15:30 UTC)
Speaker: Michiel Lemmens

Format strings are a common way to print out text to a console in C or C++ programs. Just a harmless way to show some output, right? Well, under the right conditions they can leak out memory content to a savvy user. And as memory contains, well, all data a program uses, and many other control structures, this can lead to a problematic situation.

In this webcast, we will be discussing:

How format strings are used in programs
How their syntax can help create format string vulnerabilities
What information they provide to an attacker
How they can be exploited

Login to Register

Related Content

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

Cyber Defense, Digital Forensics, Incident Response & Threat Hunting, Industrial Control Systems Security, Penetration Testing and Red Teaming

January 29, 2024

A Visual Summary of SANS CTI Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS CTI Summit 2024

Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)

December 18, 2023

Top 15 SANS Summit Talks of 2023

This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.