Which of the following types of attacks is often a result of programmer error within a C++ application?
A. a ping of death attack
B. a buffer overflow attack
C. an ARP poisoning attack
D. a DDoS attack
Explanation:
A buffer overflow attack is often a result of programmer error within a C++ application. Although many programming languages are vulnerable to buffer overflow attacks, C++ is particularly vulnerable. A buffer overflow is caused when too much data is sent to the same memory location, causing it to overflow into another memory location that might be used by another service or application. A buffer is a memory location with a fixed length and is used for temporarily storing data. A buffer overflow attack involves an attacker exploiting a software bug so that data is written beyond the memory buffer, which could allow an attacker to potentially execute malicious code on the computer. Mitigating buffer overflow attacks typically involves resolving any bugs in the software that could lead to a situation where a buffer overflow could occur. Buffer overflow code typically looks like the following text:
“\x46\x46\x47\x77\x49\x6f\x4b\x65\x4c\x78\x4e\x70\x45\x51\x47” “\x30\x46\x30\x43\x70\x50\x50\x47\x30\x46\x30\x43\x58\x4a\x4a” “\x78\x44\x35\x4a\x4c\x43\x58\x4a\x50\x48\x35\x4d\x72\x43\x66” “\x43\x6f\x4b\x4f\x4e\x35\x43\x31\x48\x43\x51\x39\x4f\x36\x4c”
An Address Resolution Protocol (ARP) poisoning attack is not typically the result of programmer error within an application. ARP poisoning is a man-in-the-middle attack that replaces entries in the ARP cache on a device. The ARP cache contains a table of 32-bit IP addresses and their corresponding 48-bit Media Access Control (MAC) addresses. ARP poisoning occurs when the cache is intentionally populated with false IP-to-MAC address associations. This allows a malicious user to redirect network traffic through a different computer than the sender intended. ARP poisoning allows the malicious user to intercept, inspect, and alter packets on their way to the intended recipient.
A Distributed Denial of Service (DDoS) attack is not typically the result of programmer error within an application. A DDoS attack exploits system and network vulnerabilities to limit access to, prevent access to, or shut down a network or a computer, such as a web server. Perpetrators of DDoS attacks typically use zombies; zombies are computers that are being controlled remotely by malicious users without the knowledge of the computer’s owner. In a DDoS attack, a malicious user directs the zombies to send a flood of packets to the intended target. The goal of the attack is to send so many packets to the target that the target is unable to accept packets; overloading the target prevents legitimate hosts from connecting to the target.
A ping of death attack is not typically the result of programmer error within an application. A ping of death attack is performed by sending malformed Internet Control Message Protocol (ICMP) messages that exceed the maximum packet size to a target system. Before transmission, the ping of death is fragmented into well-formed groups of eight octets, or bytes. When the fragments are reassembled by the target computer, a buffer overflow can occur, which can cause the target computer to crash.
Reference: https://owasp.org/www-community/vulnerabilities/Buffer_Overflow