Buffer overflow in lbreakout2 allows local users to gain games group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lbreakout2 | Lgames | 2.0 (including) | 2.0 (including) |
| Lbreakout2 | Lgames | 2.0.1 (including) | 2.0.1 (including) |
| Lbreakout2 | Lgames | 2.1 (including) | 2.1 (including) |
| Lbreakout2 | Lgames | 2.1.1 (including) | 2.1.1 (including) |
| Lbreakout2 | Lgames | 2.1.2 (including) | 2.1.2 (including) |
| Lbreakout2 | Lgames | 2.2 (including) | 2.2 (including) |
| Lbreakout2 | Lgames | 2.2.1 (including) | 2.2.1 (including) |
| Lbreakout2 | Lgames | 2.2.2 (including) | 2.2.2 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=107755821705356\u0026w=2
- http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1.diff.gz
- http://www.debian.org/security/2004/dsa-445
- http://www.securityfocus.com/bid/9712
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15229
- http://marc.info/?l=bugtraq\u0026m=107755821705356\u0026w=2
- http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1.diff.gz
- http://www.debian.org/security/2004/dsa-445
- http://www.securityfocus.com/bid/9712
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15229