Gentoo: nethack buffer overflow vulnerability
Posted by LinuxSecurity.com Team   
Gentoo Overflowing a buffer in nethack may lead to privelige escalation to games uid.

- ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-08
- ---------------------------------------------------------------------

PACKAGE : nethack
SUMMARY : buffer overflow
DATE    : 2003-02-18 09:10 UTC
EXPLOIT : local

- ---------------------------------------------------------------------

Overflowing a buffer in nethack may lead to privelige escalation to
games uid.

Read the full advisory at: 
http://marc.theaimsgroup.com/?l=bugtraq&m=104489201032144&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-games/nethack upgrade to nethack-3.4.0-r6 as follows:

emerge sync
emerge -u nethack
emerge clean

- ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at  http://cvs.gentoo.org/~aliz
- ---------------------------------------------------------------------