Format string vulnerability in top program allows local attackers to gain root privileges via the kill or renice function.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Freebsd | Freebsd | 3.5 (including) | 3.5 (including) |
| Freebsd | Freebsd | 3.5-stable (including) | 3.5-stable (including) |
| Freebsd | Freebsd | 3.5.1 (including) | 3.5.1 (including) |
| Freebsd | Freebsd | 3.5.1-release (including) | 3.5.1-release (including) |
| Freebsd | Freebsd | 3.5.1-stable (including) | 3.5.1-stable (including) |
| Freebsd | Freebsd | 4.0 (including) | 4.0 (including) |
| Freebsd | Freebsd | 4.0-alpha (including) | 4.0-alpha (including) |
| Freebsd | Freebsd | 4.1 (including) | 4.1 (including) |
| Freebsd | Freebsd | 4.1.1 (including) | 4.1.1 (including) |
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc
- ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch
- http://www.securityfocus.com/bid/1895
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc
- ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch
- http://www.securityfocus.com/bid/1895