CVE-2007-0235
published 2007-01-16CVE-2007-0235: Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash)…
PriorityP421low3.7CVSS 2.0
AVLACHAuNCPIPAP
EXPLOIT
EPSS
0.89%
54.7th percentile
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libgtop2 | < libgtop2 2.14.4-3 (bookworm) | libgtop2 2.14.4-3 (bookworm) |
| libgtop | libgtop | <= 2.14.5 | — |
CVSS provenance
nvdv2.03.7LOWAV:L/AC:H/Au:N/C:P/I:P/A:P
osv3.7LOW
vendor_debian3.7MEDIUM
vendor_redhat3.7LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
Stack overflow libgtop when pathname of mmap()-ed file is too long
vendor_redhat·2007-01-14·CVSS 3.7
CVE-2007-0235 [LOW] Stack overflow libgtop when pathname of mmap()-ed file is too long
Stack overflow libgtop when pathname of mmap()-ed file is too long
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
Statement: Not vulnerable. This issue did not affect the versions of libgtop as shipped with Red Hat Enterprise Linux 2.1 or 3.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
This flaw affects Red Hat Enterprise Linux 4 and is being tracked via the following bug:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249884
Debian
CVE-2007-0235: libgtop2 - Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop be...
vendor_debian·2007·CVSS 3.7
CVE-2007-0235 [LOW] CVE-2007-0235: libgtop2 - Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop be...
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
Scope: local
bookworm: resolved (fixed in 2.14.4-3)
bullseye: resolved (fixed in 2.14.4-3)
forky: resolved (fixed in 2.14.4-3)
sid: resolved (fixed in 2.14.4-3)
trixie: resolved (fixed in 2.14.4-3)
GHSA
GHSA-xwpj-cq6f-3cxv: Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2
ghsa_unreviewed·2022-05-01
CVE-2007-0235 [LOW] CWE-119 GHSA-xwpj-cq6f-3cxv: Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
OSV
CVE-2007-0235: Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2
osv·2007-01-16·CVSS 3.7
CVE-2007-0235 [LOW] CVE-2007-0235: Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
No detection rules found.
Bugzilla
CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long
bugzilla·2007-07-27·CVSS 3.7
CVE-2007-0235 [LOW] CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long
CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long
+++ This bug was initially created as a clone of Bug #222637 +++
Description of problem:
Stack based buffer overflow occurs, when gnome-system monitor is launched
while process that has a file with too long filename mapped in its address
space (visible via /proc/$PID/maps), and could potentially lead to arbitrary
code execution (mitigated by SSP).
Version-Release number of selected component (if applicable):
At least FC6 and RHEL5 libgtop2.
How reproducible:
Always.
Steps to Reproduce:
# Create a file with too long pathname. Some filesystems limit filenames
# to 255 characters, so use a deep directory hierarchy instead
export dir=$(perl -e " print 's/'x1000;")
mkdir -p $dir
# Copy a binary image that
Bugzilla
CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long
bugzilla·2007-01-15·CVSS 3.7
CVE-2007-0235 [LOW] CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long
CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long
Description of problem:
Stack based buffer overflow occurs, when gnome-system monitor is launched
while process that has a file with too long filename mapped in its address
space (visible via /proc/$PID/maps), and could potentially lead to arbitrary
code execution (mitigated by SSP).
Version-Release number of selected component (if applicable):
At least FC6 and RHEL5 libgtop2.
How reproducible:
Always.
Steps to Reproduce:
# Create a file with too long pathname. Some filesystems limit filenames
# to 255 characters, so use a deep directory hierarchy instead
export dir=$(perl -e " print 's/'x1000;")
mkdir -p $dir
# Copy a binary image thata will get mapped upon execution there and run it.
# Sleep will ha
http://bugzilla.gnome.org/show_bug.cgi?id=396477http://ftp.gnome.org/pub/gnome/sources/libgtop/2.14/libgtop-2.14.6.newshttp://osvdb.org/32815http://secunia.com/advisories/23736http://secunia.com/advisories/23777http://secunia.com/advisories/23814http://secunia.com/advisories/23840http://secunia.com/advisories/23872http://secunia.com/advisories/24015http://secunia.com/advisories/26367http://security.gentoo.org/glsa/glsa-200701-17.xmlhttp://www.debian.org/security/2007/dsa-1255http://www.mandriva.com/security/advisories?name=MDKSA-2007:023http://www.redhat.com/support/errata/RHSA-2007-0765.htmlhttp://www.securityfocus.com/bid/22054http://www.securitytracker.com/id?1018526http://www.ubuntu.com/usn/usn-407-1http://www.vupen.com/english/advisories/2007/0185http://www.vupen.com/english/advisories/2007/0187https://exchange.xforce.ibmcloud.com/vulnerabilities/31522https://issues.rpath.com/browse/RPL-972https://launchpad.net/bugs/79206https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10720http://bugzilla.gnome.org/show_bug.cgi?id=396477http://ftp.gnome.org/pub/gnome/sources/libgtop/2.14/libgtop-2.14.6.newshttp://osvdb.org/32815http://secunia.com/advisories/23736http://secunia.com/advisories/23777http://secunia.com/advisories/23814http://secunia.com/advisories/23840http://secunia.com/advisories/23872http://secunia.com/advisories/24015http://secunia.com/advisories/26367http://security.gentoo.org/glsa/glsa-200701-17.xmlhttp://www.debian.org/security/2007/dsa-1255http://www.mandriva.com/security/advisories?name=MDKSA-2007:023http://www.redhat.com/support/errata/RHSA-2007-0765.htmlhttp://www.securityfocus.com/bid/22054http://www.securitytracker.com/id?1018526http://www.ubuntu.com/usn/usn-407-1http://www.vupen.com/english/advisories/2007/0185http://www.vupen.com/english/advisories/2007/0187https://exchange.xforce.ibmcloud.com/vulnerabilities/31522https://issues.rpath.com/browse/RPL-972https://launchpad.net/bugs/79206https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10720
2007-01-16
Published