LibGTop Buffer Overflow in glibtop_get_proc_map_s() May Let Local Users Execute Arbitrary Code
SecurityTracker Alert ID: 1018526
SecurityTracker URL: http://securitytracker.com/id?1018526
CVE Reference: CVE-2007-0235
Date: Aug 7 2007
Impact: Denial of service via local system, Execution of arbitrary code via local system, User access via local system
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 2.14.x prior to 2.14.6
Description: A vulnerability was reported in LibGTop. A local user can cause denial of service conditions. A local user may be able to obtain elevated privileges on the target system.
A local user can trigger a stack overflow in glibtop_get_proc_map_s() to cause denial of service conditions or potentially execute arbitrary code on the target system.
The overflow resides in 'sysdeps/linux/procmap.c'.
Impact: A local user can cause denial of service conditions on the target system.
A local user may be able to obtain elevated privileges on the target system.
Solution: The vendor has issued a fixed version (2.14.6), available at:
http://ftp.gnome.org/pub/gnome/sources/libgtop/2.14/
Vendor URL: ftp.gnome.org/pub/gnome/sources/libgtop/
Cause: Boundary error
Underlying OS: Linux (Any), UNIX (Any)
Source Message Contents
Date: Tue, 7 Aug 2007 18:15:34 -0400
Subject: libgtop2
http://bugzilla.gnome.org/show_bug.cgi?id=396477
Bug 396477 – CVE-2007-0235: stack overflow in sysdeps/linux/procmap.c: glibtop_get_proc_map_s()