ports/52569: exploit for port games/maelstrom exists in the wild
Oliver Eikemeier
eikemeier at fillmore-labs.com
Thu May 22 13:30:17 UTC 2003
>Number: 52569
>Category: ports
>Synopsis: exploit for port games/maelstrom exists in the wild
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu May 22 06:30:14 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Oliver Eikemeier
>Release: FreeBSD 4.8-STABLE i386
>Organization:
Fillmore Labs - http://www.fillmore-labs.com
>Environment:
System: FreeBSD nuuk.fillmore-labs.com 4.8-STABLE
>Description:
There exists a local exploit for the open source game Maelstrom,
which is in the FreeBSD ports collection and installed gid games.
The FreeBSD shell code is found at <http://www.securityfocus.com/archive/1/322068>
The first two exploits I saw were <http://www.securityfocus.com/archive/1/321967>
and <http://www.securityfocus.com/archive/1/322008>.
>How-To-Repeat:
>Fix:
No vendor patch is available. Because the exploit is only local and only group games
is affected, a simple warning may suffice.
Regards
Oliver
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list