CVE-2006-1390: Buffer Overflow
First published: Sat Mar 25 2006(Updated: )
The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gentoo Linux | =1.4-rc1 | |
| Gentoo Linux | =1.4-rc3 | |
| Gentoo Linux | =0.5 | |
| Gentoo Linux | =1.1a | |
| Gentoo Linux | =1.4 | |
| Gentoo Linux | =0.7 | |
| Gentoo Linux | =1.2 | |
| Gentoo Linux | =1.4-rc2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.gentoo.org/show_bug.cgi?id=122376
- http://bugs.gentoo.org/show_bug.cgi?id=125902
- http://bugs.gentoo.org/show_bug.cgi?id=127167
- http://bugs.gentoo.org/show_bug.cgi?id=127319
- http://www.gentoo.org/security/en/glsa/glsa-200603-23.xml
- http://www.securityfocus.com/bid/17217
- http://secunia.com/advisories/19376
- http://www.osvdb.org/24104
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25528
- http://www.securityfocus.com/archive/1/428743/100/0/threaded
- http://www.securityfocus.com/archive/1/428739/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/gentoo
- canonical/gentoo linux
- version/gentoo linux/1.4-rc1
- version/gentoo linux/1.4-rc3
- version/gentoo linux/0.5
- version/gentoo linux/1.1a
- version/gentoo linux/1.4
- version/gentoo linux/0.7
- version/gentoo linux/1.2
- version/gentoo linux/1.4-rc2