GLSA Advocate
Joined: 12 May 2004 Posts: 2663
Posted: Thu Mar 23, 2006 10:26 pm Post subject: [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local pr
Gentoo Linux Security Advisory
Title: NetHack, Slash'EM, Falcon's Eye: Local privilege escalation (GLSA 200603-23)
Severity: normal
Exploitable: local
Date: March 23, 2006
Updated: March 30, 2006
Bug(s): #125902, #122376, #127167, #127319
ID: 200603-23
Synopsis
NetHack, Slash'EM and Falcon's Eye are affected by local privilege
escalation vulnerabilities that could potentially allow the execution of
arbitrary code as other users.
Background
NetHack is the classic single player dungeon exploration game. Slash'EM
and Falcon's Eye are NetHack variants.
Affected Packages
Package: games-roguelike/nethack
Vulnerable: <= 3.4.3-r1
Architectures: All supported architectures
Package: games-roguelike/falconseye
Vulnerable: <= 1.9.4a
Architectures: All supported architectures
Package: games-roguelike/slashem
Vulnerable: <= 0.0.760
Architectures: All supported architectures
Description
NetHack, Slash'EM and Falcon's Eye have been found to be incompatible
with the system used for managing games on Gentoo Linux. As a result,
they cannot be played securely on systems with multiple users.
Impact
A local user who is a member of group "games" may be able to modify the
state data used by NetHack, Slash'EM or Falcon's Eye to trigger the
execution of arbitrary code with the privileges of other players.
Additionally, the games may create save game files in a manner not
suitable for use on Gentoo Linux, potentially allowing a local user to
create or overwrite files with the permissions of other players.
Workaround
Do not add untrusted users to the "games" group.
Resolution
NetHack has been masked in Portage pending the resolution of these
issues. Vulnerable NetHack users are advised to uninstall the package
until further notice.
Code:
# emerge --ask --verbose --unmerge "games-roguelike/nethack"
Slash'EM has been masked in Portage pending the resolution of these
issues. Vulnerable Slash'EM users are advised to uninstall the package
until further notice.
Code:
# emerge --ask --verbose --unmerge "games-roguelike/slashem"
Falcon's Eye has been masked in Portage pending the resolution of these
issues. Vulnerable Falcon's Eye users are advised to uninstall the
package until further notice.
Code:
# emerge --ask --verbose --unmerge "games-roguelike/falconseye"
References
CVE-2006-1390
Last edited by GLSA on Wed Feb 17, 2010 4:21 am; edited 3 times in total
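One way to check the workaround above is to list every account that holds the "games" group and compare the result with the users you trust. This is an added example, not part of the advisory or of Gentoo's tooling: the function names, the allowlist and the sample files are hypothetical, and it assumes local accounts in the standard /etc/group and /etc/passwd formats.

```shell
#!/bin/sh
# Added example: audit who holds a group, either as a supplementary group
# (group file, 4th field) or as a primary GID (passwd file, 4th field).

# games_members GROUP [GROUP_FILE] [PASSWD_FILE] -> one user per line, sorted
games_members() {
    grp=$1 gfile=${2:-/etc/group} pfile=${3:-/etc/passwd}
    gid=$(awk -F: -v g="$grp" '$1 == g { print $3; exit }' "$gfile")
    [ -n "$gid" ] || return 0            # group absent: nothing to report
    {
        # supplementary members: comma-separated list in the group entry
        awk -F: -v g="$grp" '$1 == g {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
        }' "$gfile"
        # accounts whose primary group is this GID (not listed in the group file)
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$pfile"
    } | sort -u
}

# unexpected_members GROUP "ALLOWED USERS" [GROUP_FILE] [PASSWD_FILE]
# Prints members that are not in the space-separated allowlist.
unexpected_members() {
    allow=" $2 "
    games_members "$1" "$3" "$4" | while read -r user; do
        case "$allow" in
            *" $user "*) ;;              # trusted, skip
            *) echo "$user" ;;
        esac
    done
}

# Constructed sample data (not taken from a real system).
tmp=$(mktemp -d)
printf '%s\n' 'root:x:0:' 'games:x:35:alice,bob' 'users:x:100:carol' \
    > "$tmp/group"
printf '%s\n' 'alice:x:1000:100::/home/alice:/bin/sh' \
    'games:x:36:35::/usr/games:/bin/false' \
    'dave:x:1003:35::/home/dave:/bin/sh' > "$tmp/passwd"

echo "Members of games outside the allowlist:"
unexpected_members games "alice games" "$tmp/group" "$tmp/passwd"
rm -rf "$tmp"
```

On a real host, call `unexpected_members games "<trusted users>"` with no file arguments to read /etc/group and /etc/passwd; accounts served from LDAP or NIS are not covered by this file-based check.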