Ever wondered what a buffer overflow is? Well, I was looking around and found some info.
http://www.linuxjournal.com/article/6701
http://destroy.net/machines/security/P49-14-Aleph-One
If anybody has any questions about buffer overflows (heap or stack), format string vulnerabilities, shellcode, etc., feel free to ask here. I know all about that stuff in gory detail. Or if you're really interested, "Hacking: The Art of Exploitation" by Jon Erickson is an amazing book.
Hrm, I'll look into the book... The Art of Deception is a good book :)
Wanna shed some insight on shellcode to a curious person? :)
http://shellcode.org/Shellcode/
Shellcode is some machine code which, when tricked into running, spawns a shell for you (which lets you enter arbitrary commands). There are all sorts of ways to do it, like for example:
Compact shellcode -- least number of instructions
Polymorphic shellcode -- rewrites itself to get around programs that recognize shellcode
Visible-character (or even alphanumeric) shellcode -- all machine code instructions are made up of visible characters, or even alphanumeric. That way if a field only permits a-zA-Z0-9, you can put your shellcode in anyway.
There are other sneaky ways to do it, but the main point is that you trick a program (using a stack overflow, heap overflow, format string vulnerability, etc.) into running the code.
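Added example, not part of the thread above and not code from any poster: the last post's point about a-zA-Z0-9 fields, seen from the defending side. A character allow-list alone says nothing about whether input fits its buffer, so the copy must enforce the length bound itself. The names `NAME_BUF_SIZE`, `charset_only_ok` and `copy_name` are hypothetical, and the sample inputs are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 16 /* hypothetical field size chosen for this example */

/* Weak check: looks only at which characters are present.
 * Passing it does not mean the input fits any particular buffer. */
int charset_only_ok(const char *in)
{
    for (; *in != '\0'; in++)
        if (!isalnum((unsigned char)*in))
            return 0;
    return 1;
}

/* Hardened copy: length is checked against the destination first, then the
 * allow-list. Returns 0 on success, -1 on rejection. On rejection dst is left
 * as an empty string, so callers never see a partial or unterminated value. */
int copy_name(char *dst, size_t dst_size, const char *in)
{
    size_t n = 0;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (in == NULL)
        return -1;
    while (n < dst_size && in[n] != '\0') /* never scans past dst_size bytes */
        n++;
    if (n >= dst_size)                    /* no room for the terminator */
        return -1;
    if (!charset_only_ok(in))
        return -1;
    memcpy(dst, in, n + 1);               /* n + 1 <= dst_size is guaranteed */
    return 0;
}

int main(void)
{
    char name[NAME_BUF_SIZE];
    /* Constructed input: 40 alphanumeric characters, longer than the buffer. */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("allow-list alone accepts it: %d\n", charset_only_ok(too_long));
    printf("bounded copy result: %d\n", copy_name(name, sizeof name, too_long));
    printf("short input result: %d (%s)\n",
           copy_name(name, sizeof name, "alice01"), name);
    return 0;
}
```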