First published: Tue Jan 28 2020(Updated: )
In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Nethack Nethack | <3.6.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.