| Short Name | APP:LIBGTOP-FMT-STR |
|---|---|
| Severity | Major |
| Recommended | No |
| Recommended Action | Drop |
| Category | APP |
| Keywords | LibGTop Format String Attack |
| Release Date | 2005/03/30 |
| Update Number | 1213 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit a known vulnerability in libgtop. A malformed request can allow an attacker to take control of the server with the privileges of the libgtop process.
The GNOME libgtop_daemon is used to monitor processes on a remote Linux system running GNOME. Under some conditions, when a remote connection fails, user-supplied input is used as a format string within a log message. A malicious user may construct a string that includes format modifiers, causing stack information to be written to the log file and possibly leading to remote execution of arbitrary code. Older versions of libgtop_daemon may share this vulnerability.
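
The logging mistake described above, shown next to its fix. This is an added example, not libgtop's code and not the signature's matching logic. The logger `log_to_buf`, both `log_failure_*` functions and the `count_directives` heuristic are hypothetical names, and the input string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a daemon's logger: formats into a buffer
 * instead of a log file so the result can be inspected. */
static void log_to_buf(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Vulnerable pattern: peer-controlled text is passed AS the format string,
 * so any '%' sequence in it is interpreted by the formatter. */
void log_failure_vulnerable(char *out, size_t n, const char *peer_input)
{
    log_to_buf(out, n, peer_input);
}

/* Hardened pattern: the format string is a constant and the peer-controlled
 * text is only ever an argument, so it is copied verbatim. */
void log_failure_hardened(char *out, size_t n, const char *peer_input)
{
    log_to_buf(out, n, "%s", peer_input);
}

/* Simple heuristic (an assumption, for alerting or input validation):
 * count '%' directives in untrusted text, treating "%%" as a literal. */
size_t count_directives(const char *s)
{
    size_t n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

int main(void)
{
    /* Constructed input. "%%" is used because it is interpreted without
     * consuming arguments; conversions such as %x would read arguments
     * that were never passed, which is the stack disclosure at issue. */
    const char *input = "disk 100%% full";
    char a[64], b[64];
    log_failure_vulnerable(a, sizeof a, input);
    log_failure_hardened(b, sizeof b, input);
    printf("vulnerable: %s\nhardened:   %s\n", a, b);
    return 0;
}
```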