Date: Thu, 22 May 2003 15:29:39 +0200 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: security-officer@FreeBSD.org Subject: ports/52569: exploit for port games/maelstrom exists in the wild Message-ID: <3ECCD0C3.1000003@fillmore-labs.com> Resent-Message-ID: <200305221330.h4MDUFpr066051@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 52569 >Category: ports >Synopsis: exploit for port games/maelstrom exists in the wild >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu May 22 06:30:14 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Oliver Eikemeier >Release: FreeBSD 4.8-STABLE i386 >Organization: Fillmore Labs - http://www.fillmore-labs.com >Environment: System: FreeBSD nuuk.fillmore-labs.com 4.8-STABLE >Description: There exists a local exploit for the open source game Maelstrom, which is in the FreeBSD ports collection and installed gid games. The FreeBSD shell code is found at <http://www.securityfocus.com/archive/1/322068>; The first two exploits I saw were <http://www.securityfocus.com/archive/1/321967>; and <http://www.securityfocus.com/archive/1/322008>. >How-To-Repeat: >Fix: No vendor patch is available. Because the exploit is only local and only group games is affected, a simple warning may suffice. Regards Oliver >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ECCD0C3.1000003>