Shell Code: creates a shell which allows it to execute any code the attacker wants.
Whose privileges are used when attacker code is executed?
・The hose program’s
・System service or OS root privileges
Return-to-libc: the return address is overwritten to point to a standard library function.
Heap Overflows: data stored in the heap is overwritten, data can be tables of function pointers.
OpenSSL Heartbleed Vulnerability: read much more of the buffer than just the data, which may include sensitive data.
