How to Buy
This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200701-17
(libgtop: Privilege escalation)
Liu Qishuai discovered that glibtop_get_proc_map_s() in
sysdeps/linux/procmap.c does not properly allocate memory for storing a
filename, allowing certain filenames to cause the buffer to overflow on
By tricking a victim into executing an application that uses the
libgtop library (e.g. libgtop_daemon or gnome-system-monitor), a local
attacker could specify a specially crafted filename to be used by
libgtop causing a buffer overflow and possibly execute arbitrary code
with the rights of the user running the application.
There is no known workaround at this time.
See also :
All libgtop users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=gnome-base/libgtop-2.14.6'
Risk factor :
Low / CVSS Base Score : 3.7
Family: Gentoo Local Security Checks
Nessus Plugin ID: 24253 (gentoo_GLSA-200701-17.nasl)
CVE ID: CVE-2007-0235
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.