PT-2004-3713 · Debian · Xconq+3

Published: 1970-01-01 · Updated: 2017-07-11 · CVE-2003-0607

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

xconq version 7.4.1
xconq-common (affected versions not specified)
xconq-doc (affected versions not specified)

Description

The xconq package in Debian GNU/Linux contains multiple vulnerabilities that a local attacker can exploit to potentially disrupt the confidentiality, integrity, and availability of protected information. A buffer overflow in xconq 7.4.1 has also been identified, which can allow local users to become part of the "games" group via the USER or DISPLAY environment variables.

Recommendations

For xconq version 7.4.1, consider restricting access to the USER and DISPLAY environment variables to prevent exploitation of the buffer overflow.

For xconq-common and xconq-doc, there is currently no information about a newer version that contains a fix for this vulnerability.

As a temporary workaround, consider disabling the vulnerable components of the xconq package until a patch is available.

Related Identifiers

BDU:2015-03119
BDU:2015-03120
BDU:2015-03121
CVE-2003-0607
DSA-354

Affected Products

Debian
Xconq
Xconq-Common
Xconq-Doc