ntop Remote Format String Vulnerability...

Published: 2002-02-28
Revised: 2025-04-13

ntop is a tool designed to give an overview of network performance and usage, similar to the Unix top command. ntop was designed for Linux, BSD and Unix-based systems, although it has also been ported to Windows.

A vulnerability has been reported in some versions of ntop. User-supplied data is used in an unsafe manner in printf and syslog calls, leading to a format string vulnerability. Exploitation of this vulnerability may result in the execution of arbitrary code. If ntop is executed with the -w flag, it may be possible to remotely exploit this vulnerability through a malicious HTTP request.

It was also reported that this condition was produced using Netscape with the following web request: http://target:port/`ls`

This occurred because Netscape was URL-encoding the request, which caused the request to be interpreted as a format string by ntop. For example, `ls` is converted to %60ls%60.

Other versions of ntop may share this vulnerability. This has not been confirmed.
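The unsafe and hardened call patterns the description refers to, as an added example (not ntop's code and not part of the original advisory). `format_log_line` and `count_format_directives` are hypothetical helpers, and the request path is constructed sample input taken from the `%60ls%60` case above.

```c
#include <stdio.h>
#include <string.h>

/* Unsafe pattern from the description (comment only, never executed):
 *     syslog(LOG_INFO, request_path);        request data is the format
 * Hardened pattern:
 *     syslog(LOG_INFO, "%s", request_path);  request data is an argument
 */

/* Hypothetical helper: build a log line with a constant format string.
 * Returns the length written, or -1 if the line would be truncated. */
int format_log_line(char *out, size_t outlen, const char *request_path)
{
    int n = snprintf(out, outlen, "request: %s", request_path);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Hypothetical check: count the conversion directives printf would
 * consume if `s` were passed as the format. "%%" is a literal percent. */
int count_format_directives(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        s++;
        while (*s && strchr("-+ #0", *s)) s++;          /* flags */
        while (*s && strchr("0123456789*.", *s)) s++;   /* width, precision */
        while (*s && strchr("hljztL", *s)) s++;         /* length modifiers */
        if (!*s)
            break;
        if (strchr("diouxXeEfFgGaAcspn", *s))
            count++;
        else
            s--;   /* not a directive: re-examine this character */
    }
    return count;
}

int main(void)
{
    const char *path = "/%60ls%60";   /* constructed sample: URL-encoded `ls` */
    char line[128];
    printf("directives if used as a format: %d\n", count_format_directives(path));
    if (format_log_line(line, sizeof line, path) > 0)
        puts(line);
    return 0;
}
```

In `%60ls`, `60` parses as a field width, `l` as a length modifier and `s` as the conversion, so a printf-family call given this path as its format fetches an argument that was never passed. With the constant `"%s"` format the same bytes are logged verbatim.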

No exploit or PoC currently available
0 affected product entries currently listed