← back
CVE-2006-1390

CVE-2006-1390

EPSS 0.7%
The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.gentoo.org/show_bug.cgi?id=122376http://bugs.gentoo.org/show_bug.cgi?id=125902http://bugs.gentoo.org/show_bug.cgi?id=127167http://bugs.gentoo.org/show_bug.cgi?id=127319http://secunia.com/advisories/19376https://exchange.xforce.ibmcloud.com/vulnerabilities/25528http://www.gentoo.org/security/en/glsa/glsa-200603-23.xmlhttp://www.osvdb.org/24104http://www.securityfocus.com/archive/1/428739/100/0/threadedhttp://www.securityfocus.com/archive/1/428743/100/0/threadedhttp://www.securityfocus.com/bid/17217