PT-2003-1561 · Nethack · Nethack

Published

2003-06-18

Updated

2008-09-05

CVE-2003-0359

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: nethack versions 3.4.0 and earlier

Description: The issue allows local users to gain privileges by replacing original binaries with malicious code due to insecure permissions of certain setgid binaries installed by nethack.

Recommendations: For versions 3.4.0 and earlier, update the permissions of the setgid binaries to secure them, preventing local users from replacing the original binaries with malicious code.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0359

DSA-316

Affected Products

Nethack

PT-2003-1561 · Nethack · Nethack

CVE-2003-0359

Related Identifiers

Affected Products

References · 5