PT-2003-1560 · Falcon'S Eye Dev Team+1 · Falconseye+1
Publicado
2003-05-30
·
Atualizado
2020-12-09
·
CVE-2003-0358
CVSS v2.0
4.6
Média
| Vetor | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
nethack versions 3.4.0 and earlier
falconseye versions 1.9.3 and earlier
Description:
The issue allows local users to gain privileges via a long
-s command line option, which leads to a buffer overflow. This affects both nethack and falconseye, with the latter being based on nethack.Recommendations:
For nethack versions 3.4.0 and earlier, consider restricting the use of the
-s command line option until a patch is available.
For falconseye versions 1.9.3 and earlier, avoid using the -s command line option in conjunction with long inputs to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Falconseye
Nethack