MDKSA-2001:094
- Nom du paquet
- libgtop
- Date
- 2001-12-19
- Advisory ID
- MDKSA-2001:094
- Affected versions
- 8.1 i586 , CS1.0 i586 , 8.1 i586 , 8.0 i586 , 8.0 i586 , 7.1 i586 , 7.2 i586
Problem description
A remote format string vulnerability was found in the libgtop daemon by Laboratory intexxia. By sending a specially crafted format string to the server, a remote attacker could potentially execute arbitrary code on the remote system with the daemon's permissions. By default libgtop runs as the user nobody, but the flaw could be used to compromise local system security by allowing the attacker to exploit other local vulnerabilities. A buffer overflow was also found by Flavio Veloso which could allow the client to execute code on the server. Both vulnerabilities are patched in this update and will be fixed upstream in version 1.0.14. libgtop_daemon is not invoked by default anywhere in Mandrake Linux.
Updated packages
8.1 i586
31f68bbde5ead6d8262c5b5cfb056918 ia64/8.1/RPMS/libgtop1-1.0.12-4.1mdk.ia64.rpm c454857c349043d5f20b7b34d61fe1b2 ia64/8.1/RPMS/libgtop1-devel-1.0.12-4.1mdk.ia64.rpm ae5c879fd1557cf964c4da572597ee94 ia64/8.1/SRPMS/libgtop-1.0.12-4.1mdk.src.rpm
CS1.0 i586
4460a5e35ae7d547298577edeff6f599 1.0.1/RPMS/libgtop-1.0.7-0.2mdk.i586.rpm f9475e8907edcc20aade65e50829f609 1.0.1/RPMS/libgtop-devel-1.0.7-0.2mdk.i586.rpm 597321a95fbf7bc1e23510f478fb78e5 1.0.1/SRPMS/libgtop-1.0.7-0.2mdk.src.rpm
8.1 i586
20b663d5dd475a7fdc3a538f1a2a3eef 8.1/RPMS/libgtop1-1.0.12-4.1mdk.i586.rpm 0bcd19f280c7723e098918bbc68f52af 8.1/RPMS/libgtop1-devel-1.0.12-4.1mdk.i586.rpm ae5c879fd1557cf964c4da572597ee94 8.1/SRPMS/libgtop-1.0.12-4.1mdk.src.rpm
8.0 i586
2a063541aa9f9a100dd4c65b732224fd 8.0/RPMS/libgtop1-1.0.12-4.1mdk.i586.rpm fb4cfb4b72e16121a6dab24e093b1de3 8.0/RPMS/libgtop1-devel-1.0.12-4.1mdk.i586.rpm ae5c879fd1557cf964c4da572597ee94 8.0/SRPMS/libgtop-1.0.12-4.1mdk.src.rpm
8.0 i586
8e1dbba939c6281e22f57056dea4bb21 ppc/8.0/RPMS/libgtop1-1.0.12-4.1mdk.ppc.rpm 573688a8cdb56d2f07b8fc014784d036 ppc/8.0/RPMS/libgtop1-devel-1.0.12-4.1mdk.ppc.rpm ae5c879fd1557cf964c4da572597ee94 ppc/8.0/SRPMS/libgtop-1.0.12-4.1mdk.src.rpm
7.1 i586
4460a5e35ae7d547298577edeff6f599 7.1/RPMS/libgtop-1.0.7-0.2mdk.i586.rpm f9475e8907edcc20aade65e50829f609 7.1/RPMS/libgtop-devel-1.0.7-0.2mdk.i586.rpm 597321a95fbf7bc1e23510f478fb78e5 7.1/SRPMS/libgtop-1.0.7-0.2mdk.src.rpm
7.2 i586
a7884a2c6af568510428aa02a354a30c 7.2/RPMS/libgtop-1.0.9-5.1mdk.i586.rpm 00d86824f66784890e348752144a476f 7.2/RPMS/libgtop-devel-1.0.9-5.1mdk.i586.rpm 6515e7d2a32b750062833cb59dbc64e7 7.2/SRPMS/libgtop-1.0.9-5.1mdk.src.rpm