SecuritySpace - CVE-2006-1390

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID:	CVE-2006-1390
Description:	The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.
Test IDs:	1.3.6.1.4.1.25623.1.0.56551
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1390 BugTraq ID: 17217 http://www.securityfocus.com/bid/17217 Bugtraq: 20060324 Re: [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local privilege escalation (Google Search) http://www.securityfocus.com/archive/1/428743/100/0/threaded Bugtraq: 20060324 Re: [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Localprivilege escalation (Google Search) http://www.securityfocus.com/archive/1/428739/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200603-23.xml http://bugs.gentoo.org/show_bug.cgi?id=122376 http://bugs.gentoo.org/show_bug.cgi?id=125902 http://bugs.gentoo.org/show_bug.cgi?id=127167 http://bugs.gentoo.org/show_bug.cgi?id=127319 http://www.osvdb.org/24104 http://secunia.com/advisories/19376 XForce ISS Database: gentoo-multiple-games-privilege-escalation(25528) https://exchange.xforce.ibmcloud.com/vulnerabilities/25528