Debian update for bsdgames - Secunia Advisories - Vulnerability Intelligence

Secunia Advisories

Advisories

Advisories by Product

Advisories by Vendor

Business Solutions Restricted

Partner Solutions Restricted

About

Debian update for bsdgames
Secunia Advisory:	SA19687	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2006-04-17
Popularity:	6,152 views

Critical:	Not critical
Impact:	Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.0 Debian GNU/Linux 3.1 Debian GNU/Linux unstable alias sid

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2006-1744

Description: Debian has issued an update for bsdgames. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error in the "sail" game when handling player names. This can be exploited via an overly long player name to cause a buffer overflow and execute arbitrary code with "games" group privileges. Solution: Apply patches. -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updat.../b/bsdgames/bsdgames_2.13-7woody0.dsc Size/MD5 checksum: 619 0cbc1e14e3f0b4984e8d98985c6d1f6a http://security.debian.org/pool/updat...sdgames/bsdgames_2.13-7woody0.diff.gz Size/MD5 checksum: 11953 3df403ce4490285f5cd42c2be3b28157 http://security.debian.org/pool/updat.../b/bsdgames/bsdgames_2.13.orig.tar.gz Size/MD5 checksum: 2340094 cf33f61ce1f0c09a7473ac26a4a0a6ec Alpha architecture: http://security.debian.org/pool/updat...games/bsdgames_2.13-7woody0_alpha.deb Size/MD5 checksum: 951546 01c6877b6279474d70038c04769fe10b ARM architecture: http://security.debian.org/pool/updat...sdgames/bsdgames_2.13-7woody0_arm.deb Size/MD5 checksum: 825156 aa85fd9b7d5b1b0686d617f70c986415 Intel IA-32 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.13-7woody0_i386.deb Size/MD5 checksum: 792272 0df5fd34239cdaf52e77b51bd964fec1 Intel IA-64 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.13-7woody0_ia64.deb Size/MD5 checksum: 1080424 f6c31e672b7fb022957fdf5ffffcc2b3 HP Precision architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.13-7woody0_hppa.deb Size/MD5 checksum: 902062 ce94b4c1236ff0a547b8787542163a99 Motorola 680x0 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.13-7woody0_m68k.deb Size/MD5 checksum: 773600 e9e234782008e026f4f9d6fcfcc3663c Big endian MIPS architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.13-7woody0_mips.deb Size/MD5 checksum: 886536 90b5e1cb86e8a6af42238312377b0b3e Little endian MIPS architecture: http://security.debian.org/pool/updat...ames/bsdgames_2.13-7woody0_mipsel.deb Size/MD5 checksum: 877910 bc782bfdbf7f06c7c0493e8087c0e0c2 PowerPC architecture: http://security.debian.org/pool/updat...mes/bsdgames_2.13-7woody0_powerpc.deb Size/MD5 checksum: 844230 79740beab215f0bbe9c2db402f618980 IBM S/390 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.13-7woody0_s390.deb Size/MD5 checksum: 831284 668c366d766dfde80fad3db29022f20a Sun Sparc architecture: http://security.debian.org/pool/updat...games/bsdgames_2.13-7woody0_sparc.deb Size/MD5 checksum: 928022 b122af325cfdbc115a4f65ace24acf67 -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updat.../b/bsdgames/bsdgames_2.17-1sarge1.dsc Size/MD5 checksum: 640 4f711fd516a61813f1a3365699b5228e http://security.debian.org/pool/updat...sdgames/bsdgames_2.17-1sarge1.diff.gz Size/MD5 checksum: 11320 a83f445ca93fcc857e23774658adf6e0 http://security.debian.org/pool/updat.../b/bsdgames/bsdgames_2.17.orig.tar.gz Size/MD5 checksum: 2563311 238a38a3a017ca9b216fc42bde405639 Alpha architecture: http://security.debian.org/pool/updat...games/bsdgames_2.17-1sarge1_alpha.deb Size/MD5 checksum: 1174660 5efca9433af26290a847a2038e0ae4e6 AMD64 architecture: http://security.debian.org/pool/updat...games/bsdgames_2.17-1sarge1_amd64.deb Size/MD5 checksum: 1026244 131a5f257d2dd1318e035b24ac0fab2a ARM architecture: http://security.debian.org/pool/updat...sdgames/bsdgames_2.17-1sarge1_arm.deb Size/MD5 checksum: 990704 f20c4c664fc79a956e9fb8e1d83fc4dd Intel IA-32 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.17-1sarge1_i386.deb Size/MD5 checksum: 963154 521cc98b003db27c2bbf05afba7cea27 Intel IA-64 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.17-1sarge1_ia64.deb Size/MD5 checksum: 1312824 fb241efb5d1e5fb2d81ac95884e5ce6c HP Precision architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.17-1sarge1_hppa.deb Size/MD5 checksum: 1090242 358e7b6a7b3e3bd64dcee450a188ca88 Motorola 680x0 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.17-1sarge1_m68k.deb Size/MD5 checksum: 915186 ca87f4cfd2269b14e01e9a5e477ae572 Big endian MIPS architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.17-1sarge1_mips.deb Size/MD5 checksum: 1123552 2760a604b73c3790bc03d822642a57c3 Little endian MIPS architecture: http://security.debian.org/pool/updat...ames/bsdgames_2.17-1sarge1_mipsel.deb Size/MD5 checksum: 1113750 f33c43e795393cce5c4970da3337d85c PowerPC architecture: http://security.debian.org/pool/updat...mes/bsdgames_2.17-1sarge1_powerpc.deb Size/MD5 checksum: 1050436 3bf8227a181b7884559c7061ea693335 IBM S/390 architecture: http://security.debian.org/pool/updat...dgames/bsdgames_2.17-1sarge1_s390.deb Size/MD5 checksum: 1029590 5ec74d0de424b23f5e2bbc39673e30bb Sun Sparc architecture: http://security.debian.org/pool/updat...games/bsdgames_2.17-1sarge1_sparc.deb Size/MD5 checksum: 998460 11ae88f58a70f60aad5ccbb62e96f211 -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.17-7. Provided and/or discovered by: deepstar Original Advisory: Debian: http://www.us.debian.org/security/2006/dsa-1036 Fun University: http://www.pulltheplug.org/fu/?q=node/56

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

7th Jan, 2009

New advisories:	31
New vulnerabilities:	90
Updated advisories:	37

Less // 537 views

Joomla! "X_CMS_LIBRARY_PATH" Directory Traversal Vulnerability

Moderately // 320 views

Red Hat update for xterm

Not // 300 views

Red Hat update for dbus

Moderately // 410 views

Red Hat update for openssl

Moderately // 678 views

OpenSSL DSA / ECDSA "EVP_VerifyFinal()" Spoofing Vulnerability

Less // 327 views

vBulletin Personal Sticky Threads Add-on Security Bypass Vulnerability

Moderately // 281 views

BlogHelper "common_db.inc" Information Disclosure Security Issue

Moderately // 281 views

PollHelper "poll.inc" Information Disclosure Security Issue

Highly // 361 views

ComponentOne SizerOne CTab ActiveX Control Caption List Buffer Overflow

Highly // 326 views

TSC2 Help Desk CTab ActiveX Control Caption List Buffer Overflow

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.