New bsdgames packages fix local privilege escalation

2006.04.19
Credit: Moritz Muehlenhoff (jmm debian org)
Risk: Medium
Local: Yes
Remote: No
CVE: CVE-2006-1744
CWE: N/A


CVSS Base Score: 4.6/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

-- Debian Security Advisory DSA 1036-1 security (at) debian (dot) org [email concealed] http://www.debian.org/security/ Steve Kemp April 17th, 2006 http://www.debian.org/security/faq - ------------------------------------------------------------------------ -- Package : bsdgames Vulnerability : buffer overflow Problem type : local Debian-specific: no Debian Bug : 360989 CVE ID : CVE-2006-1744 A buffer overflow problem has been discovered in sail, a game contained in the bsdgames package, a collection of classic textual Unix games, which could lead to games group privilege escalation. For the old stable distribution (woody) this problem has been fixed in version 2.13-7woody0. For the stable distribution (sarge) this problem has been fixed in version 2.7.59-7sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.17-7. We recommend that you upgrade your bsdgames package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0.dsc Size/MD5 checksum: 619 0cbc1e14e3f0b4984e8d98985c6d1f6a http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0.diff.gz Size/MD5 checksum: 11953 3df403ce4490285f5cd42c2be3b28157 http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13.or ig.tar.gz Size/MD5 checksum: 2340094 cf33f61ce1f0c09a7473ac26a4a0a6ec Alpha architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_alpha.deb Size/MD5 checksum: 951546 01c6877b6279474d70038c04769fe10b ARM architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_arm.deb Size/MD5 checksum: 825156 aa85fd9b7d5b1b0686d617f70c986415 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_i386.deb Size/MD5 checksum: 792272 0df5fd34239cdaf52e77b51bd964fec1 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_ia64.deb Size/MD5 checksum: 1080424 f6c31e672b7fb022957fdf5ffffcc2b3 HP Precision architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_hppa.deb Size/MD5 checksum: 902062 ce94b4c1236ff0a547b8787542163a99 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_m68k.deb Size/MD5 checksum: 773600 e9e234782008e026f4f9d6fcfcc3663c Big endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_mips.deb Size/MD5 checksum: 886536 90b5e1cb86e8a6af42238312377b0b3e Little endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_mipsel.deb Size/MD5 checksum: 877910 bc782bfdbf7f06c7c0493e8087c0e0c2 PowerPC architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_powerpc.deb Size/MD5 checksum: 844230 79740beab215f0bbe9c2db402f618980 IBM S/390 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_s390.deb Size/MD5 checksum: 831284 668c366d766dfde80fad3db29022f20a Sun Sparc architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_sparc.deb Size/MD5 checksum: 928022 b122af325cfdbc115a4f65ace24acf67 Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1.dsc Size/MD5 checksum: 640 4f711fd516a61813f1a3365699b5228e http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1.diff.gz Size/MD5 checksum: 11320 a83f445ca93fcc857e23774658adf6e0 http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17.or ig.tar.gz Size/MD5 checksum: 2563311 238a38a3a017ca9b216fc42bde405639 Alpha architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_alpha.deb Size/MD5 checksum: 1174660 5efca9433af26290a847a2038e0ae4e6 AMD64 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_amd64.deb Size/MD5 checksum: 1026244 131a5f257d2dd1318e035b24ac0fab2a ARM architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_arm.deb Size/MD5 checksum: 990704 f20c4c664fc79a956e9fb8e1d83fc4dd Intel IA-32 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_i386.deb Size/MD5 checksum: 963154 521cc98b003db27c2bbf05afba7cea27 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_ia64.deb Size/MD5 checksum: 1312824 fb241efb5d1e5fb2d81ac95884e5ce6c HP Precision architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_hppa.deb Size/MD5 checksum: 1090242 358e7b6a7b3e3bd64dcee450a188ca88 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_m68k.deb Size/MD5 checksum: 915186 ca87f4cfd2269b14e01e9a5e477ae572 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_mips.deb Size/MD5 checksum: 1123552 2760a604b73c3790bc03d822642a57c3 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_mipsel.deb Size/MD5 checksum: 1113750 f33c43e795393cce5c4970da3337d85c PowerPC architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_powerpc.deb Size/MD5 checksum: 1050436 3bf8227a181b7884559c7061ea693335 IBM S/390 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_s390.deb Size/MD5 checksum: 1029590 5ec74d0de424b23f5e2bbc39673e30bb Sun Sparc architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_sparc.deb Size/MD5 checksum: 998460 11ae88f58a70f60aad5ccbb62e96f211 These files will probably be moved into the stable distribution on its next update. - ------------------------------------------------------------------------ --------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed] Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEQ1V4Xm3vHE4uyloRAoA8AJ4s7din/cXclukgbL6lYyjkyqhXaQCgxxdv 3+uOL2eiejdTQYMt/GPamGA= =cyiV -----END PGP SIGNATURE-----


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top