SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Game)  >   Marbles Vendors:   Speck, Michael
Marbles Game HOME Environment Variable Buffer Overflow Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1007820
SecurityTracker URL:  http://securitytracker.com/id/1007820
CVE Reference:   CVE-2003-0830   (Links to External Site)
Date:  Sep 26 2003
Impact:   Execution of arbitrary code via local system, User access via local system

Version(s): 1.0.5 and prior versions
Description:   A buffer overflow vulnerability was reported in the Marbles game software. A local user may be able to obtain elevated privileges on the target system.

It is reported that there is a buffer overflow in the processing of the HOME environment variable. A local user can set the variable to a specially crafted value and then invoke Marbles to execute arbitrary code on the system. Because Marbles is configured with set group id (setgid) 'games' privileges, the code will run with 'games' group privileges.

The flaw resides in 'cfg.c' in the C_StPth() function.

Steve Kemp is credited with discovering this flaw.

Impact:   A local user can execute arbitrary code with 'games' group privileges.
Solution:   No solution was available at the time of this entry.
Vendor URL:  lgames.sourceforge.net/index.php?project=LMarbles (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 26 2003 (Debian Issues Fix) Marbles Game HOME Environment Variable Buffer Overflow Lets Local Users Gain Elevated Privileges
Debian has released a fix.



 Source Message Contents

Subject:  CVE-2003-0830


http://lgames.sourceforge.net/index.php?project=LMarbles

Debian reported that Steve Kemp discovered a buffer overflow in marbles, when processing
the HOME environment variable.  A local user can execute arbitrary code with 'games' group 
privileges.

CVE: CAN-2003-0830


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC