Gentoo Archives: gentoo-announce

From: Matthias Geerdsen <vorlon@g.o>
To: gentoo-announce@g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200701-17 ] libgtop: Privilege escalation
Date: Tue, 23 Jan 2007 09:31:39
Message-Id: 45B5D1F8.7080602@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200701-17
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: libgtop: Privilege escalation
9 Date: January 23, 2007
10 Bugs: #162169
11 ID: 200701-17
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 libgtop improperly handles filenames, possibly allowing for the
19 execution of arbitrary code.
20
21 Background
22 ==========
23
24 libgtop facilitates the libgtop_daemon, which is used by GNOME to
25 obtain information about remote systems.
26
27 Affected packages
28 =================
29
30 -------------------------------------------------------------------
31 Package / Vulnerable / Unaffected
32 -------------------------------------------------------------------
33 1 gnome-base/libgtop < 2.14.6 >= 2.14.6
34
35 Description
36 ===========
37
38 Liu Qishuai discovered that glibtop_get_proc_map_s() in
39 sysdeps/linux/procmap.c does not properly allocate memory for storing a
40 filename, allowing certain filenames to cause the buffer to overflow on
41 the stack.
42
43 Impact
44 ======
45
46 By tricking a victim into executing an application that uses the
47 libgtop library (e.g. libgtop_daemon or gnome-system-monitor), a local
48 attacker could specify a specially crafted filename to be used by
49 libgtop causing a buffer overflow and possibly execute arbitrary code
50 with the rights of the user running the application.
51
52 Workaround
53 ==========
54
55 There is no known workaround at this time.
56
57 Resolution
58 ==========
59
60 All libgtop users should upgrade to the latest version:
61
62 # emerge --sync
63 # emerge --ask --oneshot --verbose ">=gnome-base/libgtop-2.14.6"
64
65 References
66 ==========
67
68 [ 1 ] CVE-2007-0235
69 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235
70
71 Availability
72 ============
73
74 This GLSA and any updates to it are available for viewing at
75 the Gentoo Security Website:
76
77 http://security.gentoo.org/glsa/glsa-200701-17.xml
78
79 Concerns?
80 =========
81
82 Security is a primary focus of Gentoo Linux and ensuring the
83 confidentiality and security of our users machines is of utmost
84 importance to us. Any security concerns should be addressed to
85 security@g.o or alternatively, you may file a bug at
86 http://bugs.gentoo.org.
87
88 License
89 =======
90
91 Copyright 2007 Gentoo Foundation, Inc; referenced text
92 belongs to its owner(s).
93
94 The contents of this document are licensed under the
95 Creative Commons - Attribution / Share Alike license.
96
97 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature