Scientific Linux Security Update : libgtop2 on SL4.x i386/x86_64
Low Nessus Plugin ID 60240
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA flaw was found in the way libgtop2 handled long filenames mapped into the address space of a process. An attacker could execute arbitrary code on behalf of the user running gnome-system-monitor by executing a process and mapping a file with a specially crafted name into the processes' address space. (CVE-2007-0235)
This update also fixes the following bug :
- when a version of libgtop2 compiled to run on a 32-bit architecture was used to inspect a process running in 64-bit mode, it failed to report certain information regarding address space mapping correctly.
SolutionUpdate the affected libgtop2 and / or libgtop2-devel packages.