SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Top Vendors:   LeFebvre, William et al
'top' Environment Variable Buffer Overflow Lets Local Users Execute Arbitrary Code
SecurityTracker Alert ID:  1007300
SecurityTracker URL:  http://securitytracker.com/id/1007300
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 25 2003
Impact:   Execution of arbitrary code via local system, Root access via local system
Exploit Included:  Yes  
Version(s): 2.0.11 and prior versions
Description:   A buffer overflow vulnerability was reported in the 'top' performance monitoring utility. A local user can execute arbitrary code. If the utility is configured with set user id (setuid) privilieges, the local user can gain elevated privileges.

A local user can reported set specially crafted environment variables to trigger the overflow and potentially execute arbitrary code, according to the report. It appears that top is not installed with setuid privileges by default on several distributions. However, if a distribution or an administrator configures top with setuid privileges, this flaw can allow a local user to gain root privileges.

A demonstration exploit is available at:

http://downloads.securityfocus.com/vulnerabilities/exploits/UHAGr.c

Tim <darksock@uhagr.org> is credited with reporting the flaw.

Impact:   A local user can execute arbitrary code. If the utility is configured in a non-default manner with setuid root privileges, the local user can gain root privileges on the system.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.groupsys.com/topinfo/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  top vulnerability


SecurityFocus reported a buffer overflow in 'top'.  A local user can set specially crafted 
environment variables of "excessive length" to trigger the overflow and potentially 
execute arbitrary code, according to the report.

A demonstration exploit is available at:

http://downloads.securityfocus.com/vulnerabilities/exploits/UHAGr.c

Tim <darksock@uhagr.org> is credited with reporting the flaw.

Versions: 2.0.11 and prior

Vendor:  LeFebvre, William et al

URL:  http://www.groupsys.com/topinfo/



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC