Editing Buffer overflow (section)
==History==
Buffer overflows were understood and partially publicly documented as early as 1972, when the Computer Security Technology Planning Study laid out the technique: "The code performing this function does not check the source and destination addresses properly, permitting portions of the monitor to be overlaid by the user. This can be used to inject code into the monitor that will permit the user to seize control of the machine."<ref>{{cite web |title=Computer Security Technology Planning Study |page=61 |url=http://csrc.nist.gov/publications/history/ande72.pdf |access-date=2007-11-02 |archive-url=https://web.archive.org/web/20110721060319/http://csrc.nist.gov/publications/history/ande72.pdf |archive-date=2011-07-21 |url-status=dead}}</ref> Today, the monitor would be referred to as the kernel.

The earliest documented hostile exploitation of a buffer overflow was in 1988. It was one of several exploits used by the [[Morris worm]] to propagate itself over the Internet. The program exploited was a [[Service (systems architecture)|service]] on [[Unix]] called [[Finger protocol|finger]].<ref>{{cite web |title="A Tour of The Worm" by Donn Seeley, University of Utah |url=http://world.std.com/~franl/worm.html |access-date=2007-06-03 |archive-url=https://web.archive.org/web/20070520233435/http://world.std.com/~franl/worm.html <!-- Bot retrieved archive --> |archive-date=2007-05-20}}</ref>

Later, in 1995, Thomas Lopatic independently rediscovered the buffer overflow and published his findings on the [[Bugtraq]] security mailing list.<ref>{{cite web |title=Bugtraq security mailing list archive |url=http://www.security-express.com/archives/bugtraq/1995_1/0403.html |access-date=2007-06-03 |archive-url=https://web.archive.org/web/20070901222723/http://www.security-express.com/archives/bugtraq/1995_1/0403.html <!-- Bot retrieved archive --> |archive-date=2007-09-01}}</ref> A year later, in 1996, [[Elias Levy]] (also known as Aleph One) published in ''[[Phrack]]'' magazine the paper "Smashing the Stack for Fun and Profit",<ref>{{cite web |title="Smashing the Stack for Fun and Profit" by Aleph One |url=https://phrack.org/issues/49/14 |access-date=2025-03-06}}</ref> a step-by-step introduction to exploiting stack-based buffer overflow vulnerabilities.

Since then, at least two major internet worms have exploited buffer overflows to compromise a large number of systems. In 2001, the [[Code Red worm]] exploited a buffer overflow in Microsoft's [[Internet Information Services]] (IIS) 5.0<ref>{{cite web |title=eEye Digital Security |url=http://research.eeye.com/html/advisories/published/AL20010717.html |access-date=2007-06-03 |archive-date=2009-06-20 |archive-url=https://web.archive.org/web/20090620085700/http://research.eeye.com/html/advisories/published/AL20010717.html |url-status=dead }}</ref> and in 2003 the [[SQL Slammer]] worm compromised machines running [[Microsoft SQL Server 2000]].<ref>{{cite web |title=Microsoft Technet Security Bulletin MS02-039 |website=[[Microsoft]] |url=http://www.microsoft.com/technet/security/bulletin/ms02-039.mspx |access-date=2007-06-03 |archive-url=https://web.archive.org/web/20080307052903/http://www.microsoft.com/technet/security/bulletin/ms02-039.mspx |archive-date=2008-03-07 |url-status=dead}}</ref>

In 2003, buffer overflows present in licensed [[Xbox (console)|Xbox]] games were exploited to allow unlicensed software, including [[homebrew (video games)|homebrew games]], to run on the console without the need for hardware modifications, known as [[modchip]]s.<ref>{{cite web |url=http://www.gamesindustry.biz/content_page.php?aid=1461 |archive-url=https://web.archive.org/web/20070927210513/http://www.gamesindustry.biz/content_page.php?aid=1461 |archive-date=2007-09-27 |title=Hacker breaks Xbox protection without mod-chip |access-date=2007-06-03}}</ref> The [[PS2 Independence Exploit]] also used a buffer overflow to achieve the same for the [[PlayStation 2]]. The Twilight hack accomplished the same with the [[Wii]], using a buffer overflow in ''[[The Legend of Zelda: Twilight Princess]]''.