CVE-2006 entries added

Hans de Goede j.w.r.degoede at hhs.nl
Thu May 11 10:33:43 UTC 2006


Luke Macken wrote:
> On Mon, May 08, 2006 at 05:11:18PM -0500, Jason L Tibbitts III wrote:
>> CR> nethack
>>
>> Same issue as with bsd-games.
> 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187353
> 
> This ball is in my court.  As mentioned in the bug report, this issue
> only applies when users are a part of the 'games' group.  As far as I
> know, this issue has not been fixed anywhere (even in gentoo where it
> is actually a real issue, since people are encouraged to join the
> 'games' group).
> 

Although users are not in the games group on Fedora this is still a 
problem, this hole allows the following scenario:
- find a sgid game which is exploitable to get games gid rights
- use the games gid rights to drop a crafted file which will
   exploit nethack when opened by nethack.
- once another users runs nethack and opens the crafted file
   unwanted things get done with the rights of the other user.

So although low priority this needs fixing never the less.

Regards,

Hans




More information about the Fedora-security-list mailing list