There is this storm overflow vulnerability torcs. Exploit attached. Reproducible: Always
Created attachment 297963 [details] exploit public
@games, can you check if there is a fix for it? TIA
the exploit has just come out so I can not even tell you
So if you can modify the data in /usr/share/games you can run code as whatever user runs the games that read that data? News at 11. How is this interesting?
anyway is fixed in TORCS-1.3.2-test2
Here we talk about the bug and there is also a patch to fix the bug. http://sourceforge.net/mailarchive/forum.php?set=custom&viewmonth=&viewday=&forum_name=torcs-devel&style=nested&max_rows=25&submit=Change+View
update a new version: https://bugs.gentoo.org/show_bug.cgi?id=399895
*** Bug 399895 has been marked as a duplicate of this bug. ***
because you have not yet updated the ebuild?
a bug left, expects progress from version 1.3.1 to 1.3.2 ebuild for safety tests.
Version 1.3.2 is also bugged by buffer overflow: http://www.1337day.com/exploits/17500?utm_source=dlvr.it&utm_medium=twitter
*** Bug 405487 has been marked as a duplicate of this bug. ***
from the changelog you can see that the bug has been fixed > Fixed another possible buffer overflow reported by Andres Gomez (Andres, Bernhard). you must upgrade it to version 1.3.3 as soon as possible, using a dump and delete the old ebuild vulnerable.
added the links for 1.3.3 version and changelog. I testing on x86 plathform torcs v1.3.3
version bump (1.3.3) requirement!!!!
UP
updated to 1.3.4
(In reply to comment #17) > updated to 1.3.4 Thank you, Julian. Do we know if 1.3.4 fixes this issue?
1.3.6 is in the tree. unable to locate any relevant information to confirm this vulnerability is fixed. If no one else has anything I will close this soon
Confirmed bug was fixed in 1.3.3. http://www.vuxml.org/freebsd/ba51c2f7-5b43-11e1-8288-00262d5ed8ee.html Additional information: http://plugins.openvas.org/nasl.php?oid=71167
No vote on a very old bug.
