[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256488

 
 

909

 
 

199193

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-1390Date: (C)2006-03-24   (M)2023-12-22


The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.6
Exploit Score: 3.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-17217
SECUNIA-19376
http://www.securityfocus.com/archive/1/428743/100/0/threaded
http://www.securityfocus.com/archive/1/428739/100/0/threaded
OSVDB-24104
GLSA-200603-23
gentoo-multiple-games-privilege-escalation(25528)
http://bugs.gentoo.org/show_bug.cgi?id=122376
http://bugs.gentoo.org/show_bug.cgi?id=125902
http://bugs.gentoo.org/show_bug.cgi?id=127167
http://bugs.gentoo.org/show_bug.cgi?id=127319

CPE    5
cpe:/o:gentoo:linux:1.4:rc3
cpe:/o:gentoo:linux:1.4:rc2
cpe:/o:gentoo:linux:1.4:rc1
cpe:/o:gentoo:linux:1.4
...

© SecPod Technologies