nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.debian.org/security/2003/dsa-316 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-06-18T04:00:00Z
Updated: 2024-09-16T22:09:41.854Z
Reserved: 2003-05-29T00:00:00Z
Link: CVE-2003-0359
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-07-24T04:00:00.000
Modified: 2024-11-20T23:44:33.320
Link: CVE-2003-0359
Redhat
No data.