blob: 732fb11c326e6507045687d0b88f9e959bb94c66 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200603-26">
<title>bsd-games: Local privilege escalation in tetris-bsd</title>
tetris-bsd is prone to local privilege escalation vulnerabilities.
<product type="ebuild">bsd-games</product>
<announced>March 29, 2006</announced>
<revised>May 22, 2006: 02</revised>
<package name="games-misc/bsd-games" auto="yes" arch="*">
<unaffected range="ge">2.17-r1</unaffected>
<vulnerable range="lt">2.17-r1</vulnerable>
bsd-games is a collection of NetBSD games ported to Linux.
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that
the checkscores() function in scores.c reads in the data from the
/var/games/tetris-bsd.scores file without validation, rendering it
vulnerable to buffer overflows and incompatible with the system used
for managing games on Gentoo Linux. As a result, it cannot be played
securely on systems with multiple users. Please note that this is
probably a Gentoo-specific issue.
<impact type="normal">
A local user who is a member of group "games" may be able to modify the
tetris-bsd.scores file to trigger the execution of arbitrary code with
the privileges of other players.
Do not add untrusted users to the "games" group.
All bsd-games users are advised to update to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=games-misc/bsd-games-2.17-r1&quot;</code>
<uri link="">CVE-2006-1539</uri>
<metadata tag="requester" timestamp="Tue, 21 Mar 2006 19:50:34 +0000">
<metadata tag="submitter" timestamp="Mon, 27 Mar 2006 15:36:51 +0000">
<metadata tag="bugReady" timestamp="Tue, 28 Mar 2006 18:00:28 +0000">