Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bsdgames | Joey_hess | 2.9 (including) | 2.9 (including) |
| Bsdgames | Joey_hess | 2.12 (including) | 2.12 (including) |
| Bsdgames | Joey_hess | 2.13 (including) | 2.13 (including) |
| Bsdgames | Joey_hess | 2.14 (including) | 2.14 (including) |
| Bsdgames | Joey_hess | 2.17 (including) | 2.17 (including) |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360989
- http://secunia.com/advisories/19687
- http://securityreason.com/securityalert/736
- http://www.debian.org/security/2006/dsa-1036
- http://www.osvdb.org/24634
- http://www.pulltheplug.org/fu/?q=node/56
- http://www.securityfocus.com/bid/17401
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360989
- http://secunia.com/advisories/19687
- http://securityreason.com/securityalert/736
- http://www.debian.org/security/2006/dsa-1036
- http://www.osvdb.org/24634
- http://www.pulltheplug.org/fu/?q=node/56
- http://www.securityfocus.com/bid/17401