[SECURITY] [DSA-316-1] New nethack packages fix buffer overflow, incorrect permissions
From: Matt Zimmerman <mdz@debian.org>
To: debian-security-announce@lists.debian.org
Date: Thursday 02.27.50

Message was signed with unknown key 0x43E25D1E.
The validity of the signature cannot be verified.

--------------------------------------------------------------------------
Debian Security Advisory DSA 316-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
June 11th, 2003                         http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : nethack
Vulnerability  : buffer overflow, incorrect permissions
Problem-Type   : local
Debian-specific: no
CVE Id         : CAN-2003-0358 CAN-2003-0359

The nethack package is vulnerable to a buffer overflow exploited via a
long '-s' command line option. This vulnerability could be used by an
attacker to gain gid 'games' on a system where nethack is installed.

Additionally, some setgid binaries in the nethack package have
incorrect permissions, which could allow a user who gains gid 'games'
to replace these binaries, potentially causing other users to execute
malicious code when they run nethack.
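
An added example, not part of the advisory or of the nethack package: a Python audit for the permission problem described above, reporting setgid files that a holder of the setgid group could overwrite or replace. The function names and the default scan directory are assumptions made for illustration.

```python
import os
import stat
import sys


def setgid_findings(mode, gid, dir_mode, dir_gid):
    """Return the reasons a setgid file is replaceable by its own group.

    mode/gid describe the file, dir_mode/dir_gid its parent directory.
    Files that are not regular setgid files yield an empty list.
    """
    if not (stat.S_ISREG(mode) and mode & stat.S_ISGID):
        return []
    reasons = []
    # The file's group is the group the binary runs as, so group write
    # lets anyone holding that gid rewrite the binary in place.
    if mode & stat.S_IWGRP:
        reasons.append("file is group-writable")
    if mode & stat.S_IWOTH:
        reasons.append("file is world-writable")
    # Write access to the directory allows unlink and re-create,
    # unless the sticky bit restricts deletion to the owner.
    if not dir_mode & stat.S_ISVTX:
        if dir_mode & stat.S_IWOTH:
            reasons.append("directory is world-writable")
        elif dir_gid == gid and dir_mode & stat.S_IWGRP:
            reasons.append("directory is writable by the setgid group")
    return reasons


def audit(root):
    """Walk root and map each flagged setgid file to its list of reasons."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        parent = os.lstat(dirpath)
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue  # file vanished or is unreadable; skip it
            reasons = setgid_findings(st.st_mode, st.st_gid,
                                      parent.st_mode, parent.st_gid)
            if reasons:
                findings[path] = reasons
    return findings


if __name__ == "__main__":
    # Assumed usage: pass the directory that holds the game binaries.
    for path, why in sorted(audit(sys.argv[1] if sys.argv[1:] else ".").items()):
        print(f"{path}: {'; '.join(why)}")
```
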
I removed the setgid bit because it causes permission problems in other cases ... didn't realize we had a security bug report ;)
http://cvs.gentoo.org/cgi-bin/viewcvs.cgi/gentoo-x86/app-games/nethack/nethack-3.4.1.ebuild.diff?r1=1.6&r2=1.7