Question: can you please identify two vulnerabilities and explain how they could be exploited by an attacker. Please use a diagram to explain the attack mechanism.

can you please identify two vulnerabilities and explain how they could be exploited by an attacker. Please use a diagram to explain the attack mechanism. I believe it is vulnerable to buffer overflow but im not 100% sure. Then can you please demonstrate code improvements that. could be used to prevent the attack, please include the source code that would be used to illustrate the improvements. Code is in C.

class employee{ public: char name[10]; char address[10]; ... void setName(char* nm){ strcpy(name, nm); } void getName(char** nm){ strcpy(*nm,name); } void setAddress(char* adr){ strcpy(address, adr); } void getAddress(char** adr){ strcpy(*adr,address); } }; int main() { employee emp; char p[10]; ... emp.setName(p); ... emp.getName((char**)&nm); return 0; }

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

A new version of the operating system is being planned for installation into your departments production environment. What sort of testing would you recommend is done before your department goes live...

How we think about security really matters. Using examples from the paper of the same name (below), illustrate this point. How to Think about Security James A. Whittaker and Richard Ford Florida...

all the questions are on this website: https://owasp.org/www-project-juice-shop/ Part A: Mapping the information assets and analyzing threats on the app 30) points for a group of 2 and 45 points for...

This assignment gives you the opportunity to examine a real software requirements specification. This will give you the chance to become more familiar with the different elements in an SRS. For this...

1.Review the attached software requirements specification document. 2. In a separate document, identify two positive aspects of this SRS document. Justify your answer by specifying what you find...

The discussion of live respnose is posted below. anythe question based on the live response... Watch the archived webinar shown below and answer the questions listed below. Your answers should be...

1. Clearly explain the differences and relationships between virus, worm, Trojan horse, and buffer overflow attack packets. (10 points) 2. All the following questions are against the penetration...

Brose and FastFit are two very different organizations but both rely on information technology to enable business processes. What are the mission, goals, and representative strategies for these two...

please identify hearsay evidence in Trial 2 in a tabular form (please cite references where appropriate). tabular form e.g. please give at least 15 hearsay evidence and statments. please see the...

The store offers three software products: video game, Console, and a controller. Information for the stand-alone selling prices and costs of its individual products is as follows: Stand-Alone Selling...

Identify the eight major steps in planning audits.

Which of the following statements is correct? Group of answer choices Growing perpetuity is widely used in the valuation of common stock of firms that have a policy and history of paying dividends...

5. Develop a scenario comparing two PH programs and involving the use of a CBA.

What are two circumstances that affect interpretation of fair use of copyrighted material? (Objective 2)

How can a business or organization code of conduct help guide communication by its employees or members? (Objective 5)

Ethics. Technology. You received an iPod for your birthday that stores videos and pictures as well as music. Describe how using your iPod would increase your selectivity for content choice, time, and...