Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
References
Link | Resource |
---|---|
http://nethack.sourceforge.net/v340/bugmore/secpatch.txt | Patch Third Party Advisory |
http://www.debian.org/security/2003/dsa-316 | Third Party Advisory |
http://www.debian.org/security/2003/dsa-350 | Third Party Advisory |
http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0 | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/6806 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/11283 | Third Party Advisory VDB Entry |
http://nethack.sourceforge.net/v340/bugmore/secpatch.txt | Patch Third Party Advisory |
http://www.debian.org/security/2003/dsa-316 | Third Party Advisory |
http://www.debian.org/security/2003/dsa-350 | Third Party Advisory |
http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0 | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/6806 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/11283 | Third Party Advisory VDB Entry |
Configurations
History
20 Nov 2024, 23:44
Type | Values Removed | Values Added |
---|---|---|
References | () http://nethack.sourceforge.net/v340/bugmore/secpatch.txt - Patch, Third Party Advisory | |
References | () http://www.debian.org/security/2003/dsa-316 - Third Party Advisory | |
References | () http://www.debian.org/security/2003/dsa-350 - Third Party Advisory | |
References | () http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0 - Exploit, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/6806 - Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11283 - Third Party Advisory, VDB Entry |
Information
Published : 2003-06-09 04:00
Updated : 2024-11-20 23:44
NVD link : CVE-2003-0358
Mitre link : CVE-2003-0358
CVE.ORG link : CVE-2003-0358
JSON object : View
Products Affected
debian
- debian_linux
falconseye_project
- falconseye
nethack
- nethack
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')