Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 127167 - games-roguelike/slashem: insecure save game creation and local priv escalation(CVE-2006-1390)
Summary: games-roguelike/slashem: insecure save game creation and local priv escalatio...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal with 1 vote (vote)
Assignee: Gentoo Security
Whiteboard: B2 [masked maskglsa] jaervosz
Depends on:
Reported: 2006-03-22 03:26 UTC by Tavis Ormandy (RETIRED)
Modified: 2016-02-20 05:54 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Tavis Ormandy (RETIRED) gentoo-dev 2006-03-22 03:26:15 UTC
Raymond Lewis Rebbeck reports slashem is also vulnerable to the same issues that effect nethack, I've confirmed this.
Comment 1 Tavis Ormandy (RETIRED) gentoo-dev 2006-03-22 03:27:04 UTC
nethack bug is bug 125902
Comment 2 Tavis Ormandy (RETIRED) gentoo-dev 2006-03-22 03:32:27 UTC
Please note: as with the nethack bug, this is not a bug in slashem, and only affects gentoo.
Comment 3 Tavis Ormandy (RETIRED) gentoo-dev 2006-03-23 02:33:29 UTC
masked, i guess a maskglsa is not required.
Comment 4 Sune Kloppenborg Jeppesen gentoo-dev 2006-03-23 14:24:30 UTC
Masking GLSA 200603-23 sent.

Moving to enhancement scope pending resolution.
Comment 5 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-02-20 05:54:51 UTC
super old bug.  package is no longer in tree