CVE-2001-0927

Name of the Vulnerable Software and Affected Versions libgtop versions 1.0.12 and earlier

Description The issue is related to a format string vulnerability in the permitted function of GNOME libgtop daemon. This vulnerability allows remote attackers to execute arbitrary code by passing arguments that contain format specifiers into the (1) syslog message and (2) syslog io message functions.

Recommendations For libgtop versions 1.0.12 and earlier, consider restricting access to the vulnerable functions until a patch is available. As a temporary workaround, avoid using the syslog message and syslog io message functions with untrusted input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.