Detections
Analytics

GNOME libgtop Daemon Remote Format String

high Nessus Plugin ID 10812

Synopsis

The remote host is running an application that is vulnerable to a format string attack.

Description

It seems that libgtop is/was running on this port and is vulnerable to a format string attack which may allow an attacker to gain a shell on this host (with the privileges of 'nobody').

Solution

Upgrade to libgtop 1.0.13 or later.

See Also

https://seclists.org/bugtraq/2001/Nov/223

Plugin Details

Severity: High

ID: 10812

File Name: libgtop_daemon.nasl

Version: 1.20

Type: remote

Published: 11/27/2001

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Vulnerability Publication Date: 11/27/2001

Reference Information

CVE: CVE-2001-0927