The buffer overflow is a nasty manipulation technique that can, in the worst case, significantly alter a program's execution.

The stack on x86 systems grows downwards (towards the low memory), and arrays (buffers) grow upwards. Now consider this stack format, which will apply to any C program executed on a little endian (x86) machine:

      ...
      RetAdr
      OldBP          <<< base pointer
      08070605
      04030201      start of the buffer
      [   ]          <<< stack pointer
    

It would be easy to manipulate the execution of the following program by changing the return address to a more favorable one.

      int main(void) {
        if(validate()==1) secretArea();
        else printf("Wrong password!\n");
      }
        
      int validate(void) {
        char input[10];
        gets(input);
        if(strcmp(input,password)==0) return 1;
        else return 0;
      }
    

Assuming you have disassembled the target of attack and found the address of secretArea to be 0x80402010, the following payload will cause trouble:

After filling the buffer with crap and overwriting the old base pointer, we inject the return address (in little endian format). The validate() function will now return into secretArea(). Voilá.

By overflowing the buffer, we caused an arc injection (redirecting control flow of the program). To prevent this, never take user input without checking for the length, i.e. send gets() to hell.