PRIOn knowledge basePRION:CVE-2008-5076

HistoryNov 14, 2008 - 6:09 p.m.

Design/Logic Flaw

2008-11-1418:09:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

htop 0.7 writes process names to a terminal without sanitizing non-printable characters, which might allow local users to hide processes, modify arbitrary files, or have unspecified other impact via a process name with “crazy control strings.”

CPENameOperatorVersion
htopeq0.7

CPE	Name	Operator	Version
	htop	eq	0.7

References

bugs.debian.org/504144

lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

www.openwall.com/lists/oss-security/2008/11/02/1

www.openwall.com/lists/oss-security/2008/11/14/3

www.securityfocus.com/bid/32081

exchange.xforce.ibmcloud.com/vulnerabilities/46321