(Debian Issues Fix) Crafty Game Command Line Buffer Overflows May Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1009398
|
|
CVE Reference: CAN-2003-0612
(Links to External Site)
|
Date: Mar 12 2004
|
Impact: Execution of arbitrary code via local system, User access via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 19.3 and prior versions
|
Description: A vulnerability was reported in the Crafty game. A local user may be able to gain elevated privileges on the target system, depending on the configuration.
It is reported that 'crafty.bin' does not properly check the bounds of user-supplied command line data. A local user can supply
specially crafted values to trigger a buffer overflow and execute arbitrary code with the privileges of Crafty. On some Linux distributions,
Crafty is installed with set group id (setgid) 'games' group privileges.
Steve Kemp reported this vulnerability.
|
Impact: A local user can execute arbitrary code with the privileges of Crafty, which may be 'games' group privileges on some distributions.
|
Solution: Debian issued a fixed version (19.3-3) in August 2003:
http://ftp.debian.org/debian/pool/non-free/c/crafty/
|
Vendor URL: www.limunltd.com/crafty/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Debian)
|
Underlying OS Comments: 3.0
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 11 Mar 2004 01:31:44 -0500
Subject: Debian fix for Crafty
|
> crafty (19.3-1) unstable; urgency=low
> * fixed security hole (CAN-2003-0612) in main.c (closes: #203541)
> thus priority set to important
http://ftp.debian.org/debian/pool/non-free/c/crafty/
|
|
