Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2007:023: libgtop2


Vulnerability Assessment Details

MDKSA-2007:023: libgtop2

Vulnerability Assessment Summary
Check for the version of the libgtop2 package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2007:023 (libgtop2).

Stack-based buffer overflow in the glibtop_get_proc_map_s function in
libgtop before 2.14.6 (libgtop2) permits local users to cause a denial
of service (crash) and possibly execute arbitrary code via a process
with a long filename that is mapped in its address space, which
triggers the overflow in gnome-system-monitor.
The updated packages have been patched to correct this problem.

Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:023
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors

Verbatim Ditto Max 2.5 / 5GB Flash File Partition Memory Cartridge # 92769 - NOS
$9.19
Verbatim Ditto Max 2.5 / 5GB Flash File Partition Memory Cartridge # 92769 - NOS picture2TB usb flash drive
$49.99
2TB usb flash drive pictureLexar 128GB JumpDrive Tough USB 3.1 Flash Drive, 130MB/s Read 25MB/s Write Speed
$44.99
Lexar 128GB JumpDrive Tough USB 3.1 Flash Drive, 130MB/s Read 25MB/s Write Speed pictureNIB - Retail Plus F931A 9.7IN Android 4.0 Tablet 1GB 16G Nand Flash WiFi - 71737
$45.73
NIB - Retail Plus F931A 9.7IN Android 4.0 Tablet 1GB 16G Nand Flash WiFi - 71737 picture


Discussions

No Discussions have been posted on this vulnerability.