Vulnerability Note VU#705771
gtop daemon contains buffer overflow
Overview
A buffer overflow exists in the gtop daemon.
I. Description
A buffer overflow in gtopd, specifically permitted(), may allow a remote attacker to execute arbitrary code. For more detailed information, please see Flavio Veloso's analysis.
gtop background information
Many Unix systems allow only privileged processes to access information about other running processes. For example, an unprivileged process will typically not have the ability to acquire details regarding the memory or CPU usage of another process. As a result of these limitations, system utilities like uptime or top are frequently setuid root or setgid kmem. This makes it difficult to write a graphical system utility like cpumemusage or gtop because making a GTK+ program setgid or setuid would introduce additional security risks. The gtop daemon was designed to access this type of privileged information and disseminate it to the unprivileged applications requesting privileged data such as memory and CPU usage. Therefore, gtop is a setgid/setuid server designed to run on a host and gather privileged information and pass it to GUI clients.
II. Impact
A remote attacker may be able to execute arbitrary code with elevated privileges. Depending on the particular way gtop is built and implemented, it may also be possible for an attacker to read kernel memory. The ability to read kernel data is particularly dangerous because there is often sensitive data such as terminal activity, network traffic, and other types of privileged information residing in kernel memory space. Because of this, it may be possible for an attacker to leverage this vulnerability to gain root access to the local system, and possibly other systems interacting with the host running the gtop daemon.
III. Solution
Apply a patch from your vendor.
Systems Affected
References
http://www.securityfocus.com/archive/1/242922
http://www.securityfocus.com/bid/3594
Credit
This vulnerability was discovered by Flavio Veloso.
This document was written by Ian A. Finlay.
Other Information
| Date Public: | 2001-11-28 |
| Date First Published: | 2003-08-19 |
| Date Last Updated: | 2003-08-19 |
| CERT Advisory: | |
| CVE-ID(s): | CVE-2001-0928 |
| NVD-ID(s): | CVE-2001-0928 |
| US-CERT Technical Alerts: | |
| Severity Metric: | 9.62 |
| Document Revision: | 48 |