News

2015-03-30
Net Activity Viewer 0.6.4 released

  • Fixed processing of commands and process names with invalid utf-8 characters. Some commands with bad utf-8 characters lead to an out of buffer read and possibly a denial of service security vulnerability (segfault application crash). No path for memory corruption or code execution was found.
    To exploit the potential vulnerability an attacker needs to control an utf-8 invalid sub-string in the command line of an application that uses network resources (ex: non URI or invalid URI encoding file name).
  • Fixed configuration file validation to not allow huge configuration files. A configuration file with a GB scale filter would result in an application crash with memory corruption and possibly code execution. This had some small potential to be exploited as a privilege authorization avoidance method to get root from a sudo administrator at a netactview run with sudo/gksu, if the attacker can already modify current sudo user configuration files. An attack may be practical only on high end servers. Some of the clarifications to the similar netactview 0.2.2 vulnerability apply here as well.
  • Fixed the display of multiple multicast dns connections listening on the same port. If process information was not fully available some of the connections with with identical protocol, addresses and ports would not be displayed. The fix makes all identical connections visible and uses additional identification information (inode) that is more often usable than the process ID. There still remain some connection tracking issues that will be handled better in netactview 0.7 .
  • Fixed the connections list save when saving as root to a folder that the current sudo user can modify. The file was not saved with the sudo user as owner in some cases.
  • Limited the DNS cache to prevent it from becoming a memory leak if the application is left open for a long time on a busy networking computer.
  • Implemented a few other small fixes.
  • Implemented some additional defence in depth measures to make security vulnerabilities less likely.
Sources:
netactview-0.6.4.tar.bz2

Ubuntu packages (Ubuntu 10.04 to 14.04 LTS):
32bit PC (x86): netactview_0.6.4-1_i386.deb
64bit PC (amd64): netactview_0.6.4-1_amd64.deb


2014-06-02
Net Activity Viewer 0.6.3 released

Sources:
netactview-0.6.3.tar.bz2

Ubuntu packages (Ubuntu 10.04 or newer):
32bit PC (x86): netactview_0.6.3-1_i386.deb
64bit PC (amd64): netactview_0.6.3-1_amd64.deb


2014-04-14
Net Activity Viewer 0.6.2 released

  • Fixed connections list refresh on 0 connections.
Sources:
netactview-0.6.2.tar.bz2

Ubuntu packages (Ubuntu 10.04 or newer):
32bit PC (x86): netactview_0.6.2-1_i386.deb
64bit PC (amd64): netactview_0.6.2-1_amd64.deb


2011-07-21
Net Activity Viewer 0.6.1 released

  • Fixed a network statistics bug visible when using PPPoE connections.
Sources:
netactview-0.6.1.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.6.1-1_i386.deb
64bit PC (amd64): netactview_0.6.1-1_amd64.deb


2010-12-08
Net Activity Viewer 0.6 released

Sources:
netactview-0.6.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.6-1_i386.deb
64bit PC (amd64): netactview_0.6-1_amd64.deb


2009-12-21
Net Activity Viewer 0.5.1 released

  • Fixed a bug in window size saving that appeared on XFCE.
Sources:
netactview-0.5.1.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.5.1-1_i386.deb
64bit PC (amd64): netactview_0.5.1-1_amd64.deb


2009-12-20
Net Activity Viewer 0.5 released

  • Saving window size and state.
  • Added Estonian and Portuguese translations.
Sources:
netactview-0.5.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.5-1_i386.deb
64bit PC (amd64): netactview_0.5-1_amd64.deb


2008-12-23
Net Activity Viewer 0.4.1 released

  • Fixed a filtering bug. Updated and closed connections were not filtered properly.
Sources:
netactview-0.4.1.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.4.1-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.4.1-1-ubuntu_amd64.deb


2008-11-12
Net Activity Viewer 0.4 released

  • Added color highlight for new and closed connections.
  • Using gnome fixed width font for network statistics.
Sources:
netactview-0.4.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.4-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.4-1-ubuntu_amd64.deb


2008-9-8
Net Activity Viewer 0.3.1 released

  • Fixed closed UDP enpoints status.
Sources:
netactview-0.3.1.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.3.1-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.3.1-1-ubuntu_amd64.deb


2008-5-12
Net Activity Viewer 0.3 released

  • Added network connections filtering.
  • Fixed a suspend/resume bug.
Sources:
netactview-0.3.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.3-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.3-1-ubuntu_amd64.deb


2008-2-24
Net Activity Viewer 0.2.2 released

  • Fixed a low risk security vulnerability in the restart as root action. An application which could already run as the current normal user was able to intercept the restart as root action in order to run as root.
  • Edit 2015-03-30:
    • 'normal user' is here the ubuntu default desktop user which is a sudo administrator
    • this was a privilege authorization avoidance vulnerability (as in UAC avoidance, but with a distinct user root that actually owns the administrative tasks and effects)
    • it may not be a vulnerability if gksu (used by 'restart as root') is not meant as an UAC alternative; still weak, in case gksu or its replacements are updated to be clearly an UAC (User Account Control) alternative
Sources:
netactview-0.2.2.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.2.2-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.2.2-1-ubuntu_amd64.deb


2008-1-2
Net Activity Viewer 0.2.1 released

  • Fixed incorrect process name display. In some situations, for not established connections, the shown process was not the process that created the connection.
  • Improved error checking at program start.
Sources:
netactview-0.2.1.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.2.1-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.2.1-1-ubuntu_amd64.deb


2007-12-27
Net Activity Viewer 0.2 released

  • Added port service names.
  • Added basic network statistics.
  • Added restart as root.
  • Rounded up some of the existing features.
Sources:
netactview-0.2.tar.bz2

Ubuntu packages (Ubuntu 6.06 or newer):
Standard PC (x86): netactview_0.2-1-ubuntu_i386.deb
64bit PC (amd64): netactview_0.2-1-ubuntu_amd64.deb


2007-12-18
Net Activity Viewer 0.1 released

It includes all the basic stuff:

  • Obtains the list of active network connections (tcp, udp, tcp6, udp6) from the kernel.
  • Obtains process information for the active network connections (pid, name, command).
  • Host name retrieval.
  • Automatic refresh.
  • Sorting.
  • Some information filtering.
  • Copy and save facilities.
  • Automatic options state save and restore.
Here you can get the sources (you need at least gtk 2.8 to compile them):
netactview-0.1.tar.gz
Here you can get it the ubuntu package (tested on Ubuntu 6.06, 7.04 and 7.10):
netactview_0.1-1_ubuntu6.06_i386.deb


Get Net Activity Viewer at SourceForge.net. Fast, secure and Free Open Source software downloads