Category:   Application (Game)  >   Conquest
Vendors:   Poskanzer, Jef et al
Conquest Game Buffer Overflows Let Local Users Obtain Elevated Privileges
SecurityTracker Alert ID:  1008129
SecurityTracker URL:
CVE Reference:   CVE-2003-0933
Updated:  Nov 27 2003
Original Entry Date:  Nov 10 2003
Impact:   Execution of arbitrary code via local system, User access via local system

Description:   Multiple buffer overflows were reported in the Conquest game. A local user may be able to obtain elevated privileges on the system.

It is reported that the software does not properly validate certain environment variables. A local user can set a specially crafted value to execute arbitrary code with 'conquest' user privileges.
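
The advisory does not include the affected source. As an added illustration of the bug class it describes (this is not Conquest's code or the Debian patch), the following C example copies an environment variable into a fixed-size buffer only after checking that it fits. The names `GAME_USER`, `NAME_BUF_LEN`, `copy_bounded` and `env_copy` are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_BUF_LEN 32          /* hypothetical fixed buffer size */

/* Unsafe pattern, shown only as a comment:
 *     char name[NAME_BUF_LEN];
 *     strcpy(name, getenv("GAME_USER"));   no NULL check, no length check
 */

/* Copy val into dst (capacity dstsize bytes, terminator included).
 * Returns 0 on success; -1 with errno = ENOENT if val is NULL,
 * E2BIG if it does not fit, EINVAL if dst is unusable.
 * On failure dst holds an empty string, never a truncated value. */
int copy_bounded(const char *val, char *dst, size_t dstsize)
{
    size_t len;

    if (dst == NULL || dstsize == 0) { errno = EINVAL; return -1; }
    dst[0] = '\0';
    if (val == NULL) { errno = ENOENT; return -1; }
    len = strlen(val);
    if (len >= dstsize) { errno = E2BIG; return -1; }
    memcpy(dst, val, len + 1);   /* len + 1 <= dstsize, copies the NUL */
    return 0;
}

/* Look up an environment variable and copy it with the bound enforced. */
int env_copy(const char *name, char *dst, size_t dstsize)
{
    return copy_bounded(getenv(name), dst, dstsize);
}

int main(void)
{
    char name[NAME_BUF_LEN];

    /* GAME_USER is a hypothetical variable name, not one from the advisory. */
    if (env_copy("GAME_USER", name, sizeof name) != 0) {
        perror("GAME_USER");
        return 1;
    }
    printf("player name: %s\n", name);
    return 0;
}
```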

Steve Kemp is credited with discovery. At least one of the buffer overflows was also reported in March 1998 by "bst@INAME.COM".

Impact:   A local user can gain 'conquest' user privileges on the target system.
Solution:   No solution was available at the time of this entry for the upstream version.
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 10 2003 (Debian Issues Fix) Conquest Game Buffer Overflows Let Local Users Obtain Elevated Privileges
Debian has released a fix.

 Source Message Contents

Subject:  Conquest

CVE: CAN-2003-0933

Debian reported a buffer overflow in the Conquest game:

 > Steve Kemp discovered a buffer overflow in the environment variable
 > handling of conquest, a curses based, real-time, multi-player space
 > warfare game, which could lead a local attacker to gain unauthorised
 > access to the group conquest.

One of the vulnerabilities fixed in the Debian version was publicly reported in a post to 
Bugtraq on 16 March 1998.  See:

