CVE-2006-1390 Information

Description

The configuration of NetHack 3.4.3-r1 and earlier Falcon’s Eye 1.9.4a and earlier and Slash’EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=122376 http://bugs.gentoo.org/show_bug.cgi?id=125902 http://bugs.gentoo.org/show_bug.cgi?id=127167 http://bugs.gentoo.org/show_bug.cgi?id=127319 http://secunia.com/advisories/19376 http://www.gentoo.org/security/en/glsa/glsa-200603-23.xml http://www.osvdb.org/24104 http://www.securityfocus.com/archive/1/428739/100/0/threaded http://www.securityfocus.com/archive/1/428743/100/0/threaded http://www.securityfocus.com/bid/17217 https://exchange.xforce.ibmcloud.com/vulnerabilities/25528