Preventing Buffer Overflow Exploits Using the Linux Distributed Security Module, Part 1
A buffer overflow occurs when a program or a process tries to store more data in a buffer than the buffer is intended to hold. Since buffers are created to contain a finite amount of data, the extra information, which has to go somewhere, can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
Although it may occur accidentally through a programming error, buffer overflow is an increasingly common type of security attack on data integrity. In a buffer overflow exploit scenario, the extra data may contain code designed to trigger specific actions, such as sending new instructions to the attacked server that could, for instance, damage users' files, change data, or disclose confidential information.
In order to prevent buffer overflow exploits, it is necessary to understand how they occur. If the buffer overflow is the result of accidental misuse of the vulnerable program, then the outcome will be a crash of this program. However, if the overflow is the work of a malicious attack, then the consequences can be more severe.
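The adjacent-buffer corruption described in the first paragraph can be seen in a few lines of C. This is an added example, not code from the original article; the `record` struct, both copy functions and the input string are constructed for illustration, and the two buffers are fields of one struct so the out-of-bounds write stays inside a single object.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Two adjacent fixed-size buffers (hypothetical layout for this demo). */
struct record {
    char name[8];   /* buffer that receives the input */
    char role[8];   /* valid data stored directly after it */
};

/* Unchecked copy: trusts the caller's length, as strcpy() or gets() would.
   Writing starts at name and runs on into role when len > sizeof name.
   The cap at the struct size exists only to keep this demo memory safe. */
void copy_unchecked(struct record *r, const char *src, size_t len)
{
    unsigned char *dst = (unsigned char *)r + offsetof(struct record, name);
    if (len > sizeof *r)
        len = sizeof *r;
    memcpy(dst, src, len);
}

/* Checked copy: rejects input that does not fit, so role is never touched. */
int copy_checked(struct record *r, const char *src, size_t len)
{
    if (len >= sizeof r->name)
        return -1;
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

int main(void)
{
    const char input[] = "AAAAAAAAadmin";   /* constructed: 13 bytes + NUL */
    struct record r = { "", "guest" };
    struct record s = { "", "guest" };

    /* 8 bytes fill name; the remaining "admin\0" lands in role. */
    copy_unchecked(&r, input, sizeof input);
    printf("unchecked: role = %s\n", r.role);

    /* The bounds check refuses the same input and role stays intact. */
    int rc = copy_checked(&s, input, strlen(input));
    printf("checked:   rc = %d, role = %s\n", rc, s.role);
    return 0;
}
```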