Exploitalert - Database of Exploits

New bsdgames packages fix local privilege escalation

CVE	Category	Price	Severity
CVE-2006-1744	CWE-270	N/A	High

Author	Risk	Exploitation Type	Date
Unknown	High	Local	2006-04-22

CVSS	EPSS	EPSSP
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	0.02192	0.50148

CVSS vector description

Metric	Value	Metric Description	Value Description
Attack vector	Local	AV	The vulnerable system is not bound to the network stack and the attacker’s path is via read/write/execute capabilities. Either: the attacker exploits the vulnerability by accessing the target system locally (e.g., keyboard, console), or through terminal emulation (e.g., SSH); or the attacker relies on User Interaction by another person to perform actions required to exploit the vulnerability (e.g., using social engineering techniques to trick a legitimate user into opening a malicious document).
Attack Complexity	Low	AC	The attacker must take no measurable action to exploit the vulnerability. The attack requires no target-specific circumvention to exploit the vulnerability. An attacker can expect repeatable success against the vulnerable system.
Privileges Required	Low	PR	The attacker requires privileges that provide basic capabilities that are typically limited to settings and resources owned by a single low-privileged user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources.
User Interaction	None	UI	The vulnerable system can be exploited without interaction from any human user, other than the attacker. Examples include: a remote attacker is able to send packets to a target system a locally authenticated attacker executes code to elevate privileges
Scope	Unchanged	S	An exploited vulnerability can only affect resources managed by the same security authority. In the case of a vulnerability in a virtualized environment, an exploited vulnerability in one guest instance would not affect neighboring guest instances.
Confidentiality	High	C	There is total information disclosure, resulting in all data on the system being revealed to the attacker, or there is a possibility of the attacker gaining control over confidential data.
Integrity	High	I	There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the attacker being able to modify any file on the target system.
Availability	High	A	There is a total shutdown of the affected resource. The attacker can deny access to the system or data, potentially causing significant loss to the organization.

http://cxsecurity.com/ascii/WLB-2006040064

-- Debian Security Advisory DSA 1036-1 security (at) debian (dot) org [email concealed] http://www.debian.org/security/ Steve Kemp April 17th, 2006 http://www.debian.org/security/faq - ------------------------------------------------------------------------ -- Package : bsdgames Vulnerability : buffer overflow Problem type : local Debian-specific: no Debian Bug : 360989 CVE ID : CVE-2006-1744 A buffer overflow problem has been discovered in sail, a game contained in the bsdgames package, a collection of classic textual Unix games, which could lead to games group privilege escalation. For the old stable distribution (woody) this problem has been fixed in version 2.13-7woody0. For the stable distribution (sarge) this problem has been fixed in version 2.7.59-7sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.17-7. We recommend that you upgrade your bsdgames package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0.dsc Size/MD5 checksum: 619 0cbc1e14e3f0b4984e8d98985c6d1f6a http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0.diff.gz Size/MD5 checksum: 11953 3df403ce4490285f5cd42c2be3b28157 http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13.or ig.tar.gz Size/MD5 checksum: 2340094 cf33f61ce1f0c09a7473ac26a4a0a6ec Alpha architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_alpha.deb Size/MD5 checksum: 951546 01c6877b6279474d70038c04769fe10b ARM architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_arm.deb Size/MD5 checksum: 825156 aa85fd9b7d5b1b0686d617f70c986415 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_i386.deb Size/MD5 checksum: 792272 0df5fd34239cdaf52e77b51bd964fec1 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_ia64.deb Size/MD5 checksum: 1080424 f6c31e672b7fb022957fdf5ffffcc2b3 HP Precision architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_hppa.deb Size/MD5 checksum: 902062 ce94b4c1236ff0a547b8787542163a99 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_m68k.deb Size/MD5 checksum: 773600 e9e234782008e026f4f9d6fcfcc3663c Big endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_mips.deb Size/MD5 checksum: 886536 90b5e1cb86e8a6af42238312377b0b3e Little endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_mipsel.deb Size/MD5 checksum: 877910 bc782bfdbf7f06c7c0493e8087c0e0c2 PowerPC architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_powerpc.deb Size/MD5 checksum: 844230 79740beab215f0bbe9c2db402f618980 IBM S/390 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_s390.deb Size/MD5 checksum: 831284 668c366d766dfde80fad3db29022f20a Sun Sparc architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13-7w oody0_sparc.deb Size/MD5 checksum: 928022 b122af325cfdbc115a4f65ace24acf67 Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1.dsc Size/MD5 checksum: 640 4f711fd516a61813f1a3365699b5228e http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1.diff.gz Size/MD5 checksum: 11320 a83f445ca93fcc857e23774658adf6e0 http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17.or ig.tar.gz Size/MD5 checksum: 2563311 238a38a3a017ca9b216fc42bde405639 Alpha architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_alpha.deb Size/MD5 checksum: 1174660 5efca9433af26290a847a2038e0ae4e6 AMD64 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_amd64.deb Size/MD5 checksum: 1026244 131a5f257d2dd1318e035b24ac0fab2a ARM architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_arm.deb Size/MD5 checksum: 990704 f20c4c664fc79a956e9fb8e1d83fc4dd Intel IA-32 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_i386.deb Size/MD5 checksum: 963154 521cc98b003db27c2bbf05afba7cea27 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_ia64.deb Size/MD5 checksum: 1312824 fb241efb5d1e5fb2d81ac95884e5ce6c HP Precision architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_hppa.deb Size/MD5 checksum: 1090242 358e7b6a7b3e3bd64dcee450a188ca88 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_m68k.deb Size/MD5 checksum: 915186 ca87f4cfd2269b14e01e9a5e477ae572 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_mips.deb Size/MD5 checksum: 1123552 2760a604b73c3790bc03d822642a57c3 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_mipsel.deb Size/MD5 checksum: 1113750 f33c43e795393cce5c4970da3337d85c PowerPC architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_powerpc.deb Size/MD5 checksum: 1050436 3bf8227a181b7884559c7061ea693335 IBM S/390 architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_s390.deb Size/MD5 checksum: 1029590 5ec74d0de424b23f5e2bbc39673e30bb Sun Sparc architecture: http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17-1s arge1_sparc.deb Size/MD5 checksum: 998460 11ae88f58a70f60aad5ccbb62e96f211 These files will probably be moved into the stable distribution on its next update. - ------------------------------------------------------------------------ --------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed] Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEQ1V4Xm3vHE4uyloRAoA8AJ4s7din/cXclukgbL6lYyjkyqhXaQCgxxdv 3+uOL2eiejdTQYMt/GPamGA= =cyiV -----END PGP SIGNATURE-----

Impressum