libgtop daemon vulnerability
Updated 2/5/02
CAN 2001-0927
CAN 2001-0928
Impact
A remote attacker could execute arbitrary code with the
privileges of the libgtop daemon.
Background
The libgtop daemon is a GNOME daemon which is used to
monitor processes on a remote server. It is started with
nobody permissions by default.
The Problems
11/30/01
CAN 2001-0927
The libgtop daemon has missing format strings in calls to the
syslog_message() and syslog_io_message()
functions. It is thereby possible for a remote attacker to
specify the format strings through the input data to the
daemon. By sending a specially crafted format string, it is
possible for the attacker to execute arbitrary code on the
server. libgtop versions prior to 1.0.13 are affected by
this vulnerability.
2/5/02
CAN 2001-0928
Due to a second, unrelated buffer overflow vulnerability in
the permitted function, it
is still possible for a remote attacker to execute arbitrary
code using libgtop 1.0.13 unless a patch has been applied.
Resolution
Upgrade to
libgtop 1.0.13 or higher, and install the patch which was
posted to Bugtraq.
Where can I read more about this?
These vulnerabilities were reported to Bugtraq on
11/27/01 and
11/28/01.