SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Game)  >   Crafty Vendors:   Hyatt, Robert M.
(Debian Issues Fix) Crafty Game Command Line Buffer Overflows May Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1009398
SecurityTracker URL:  http://securitytracker.com/id/1009398
CVE Reference:   CVE-2003-0612   (Links to External Site)
Date:  Mar 12 2004
Impact:   Execution of arbitrary code via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 19.3 and prior versions
Description:   A vulnerability was reported in the Crafty game. A local user may be able to gain elevated privileges on the target system, depending on the configuration.

It is reported that 'crafty.bin' does not properly check the bounds of user-supplied command line data. A local user can supply specially crafted values to trigger a buffer overflow and execute arbitrary code with the privileges of Crafty. On some Linux distributions, Crafty is installed with set group id (setgid) 'games' group privileges.

Steve Kemp reported this vulnerability.

Impact:   A local user can execute arbitrary code with the privileges of Crafty, which may be 'games' group privileges on some distributions.
Solution:   Debian issued a fixed version (19.3-3) in August 2003:

http://ftp.debian.org/debian/pool/non-free/c/crafty/

Vendor URL:  www.limunltd.com/crafty/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Debian)
Underlying OS Comments:  3.0

Message History:   This archive entry is a follow-up to the message listed below.
Mar 11 2004 Crafty Game Command Line Buffer Overflows May Let Local Users Gain Elevated Privileges



 Source Message Contents

Subject:  Debian fix for Crafty


 > crafty (19.3-1) unstable; urgency=low

 >   * fixed security hole (CAN-2003-0612) in main.c (closes: #203541)
 >     thus priority set to important

http://ftp.debian.org/debian/pool/non-free/c/crafty/

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC