Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5076

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-5076
Last Modified 30 Oct 2012 11:06:44
Published 14 Nov 2008 01:09:25
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-5076

Summary

htop 0.7 writes process names to a terminal without sanitizing non-printable characters, which might allow local users to hide processes, modify arbitrary files, or have unspecified other impact via a process name with "crazy control strings."

Vulnerable Systems

Application

  • Htop 0.7


References

XF - htop-processname-weak-security(46321)

MLIST - [oss-security] 20081114 Re: CVE id request: htop

MLIST - [oss-security] 20081102 CVE id request: htop

SUSE - SUSE-SR:2008:026

CONFIRM - http://bugs.debian.org/504144

BID - 32081


Last Updated: 27 May 2016 10:49:46