Xonix X11 Game Insecure Privilege Dropping Vulnerability
BID:10149
Info
Xonix X11 Game Insecure Privilege Dropping Vulnerability
| Bugtraq ID: | 10149 |
| Class: | Design Error |
| CVE: |
CVE-2004-0157 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 15 2004 12:00AM |
| Updated: | Jul 12 2009 04:06AM |
| Credit: | Discovery is credited to Steve Kemp. |
| Vulnerable: |
xonix xonix 1.4 |
| Not Vulnerable: | |
Discussion
Xonix X11 Game Insecure Privilege Dropping Vulnerability
It has been reported that Xonix is prone to a vulnerability that may allow an attacker to gain elevated privileges. This issue occurs because the application fails to drop privileges. Successful exploitation of this issue may result in a local attacker gaining gid 'games' privileges.
This issue has been reported to affect Xonix version 1.4, however, it is possible that other versions are affected as well.
Due to a lack of details, further information is not available at the moment. This BID will be updated as more information becomes available.
It has been reported that Xonix is prone to a vulnerability that may allow an attacker to gain elevated privileges. This issue occurs because the application fails to drop privileges. Successful exploitation of this issue may result in a local attacker gaining gid 'games' privileges.
This issue has been reported to affect Xonix version 1.4, however, it is possible that other versions are affected as well.
Due to a lack of details, further information is not available at the moment. This BID will be updated as more information becomes available.
Exploit / POC
Xonix X11 Game Insecure Privilege Dropping Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Xonix X11 Game Insecure Privilege Dropping Vulnerability
Solution:
Debian has released an advisory DSA 484-1 to address this issue. Please see the referenced advisory for more information.
xonix xonix 1.4
Solution:
Debian has released an advisory DSA 484-1 to address this issue. Please see the referenced advisory for more information.
xonix xonix 1.4
-
Debian xonix_1.4-19woody1_alpha.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_alpha.deb -
Debian xonix_1.4-19woody1_arm.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_arm.deb -
Debian xonix_1.4-19woody1_hppa.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_hppa.deb -
Debian xonix_1.4-19woody1_i386.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_i386.deb -
Debian xonix_1.4-19woody1_ia64.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_ia64.deb -
Debian xonix_1.4-19woody1_m68k.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_m68k.deb -
Debian xonix_1.4-19woody1_mips.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_mips.deb -
Debian xonix_1.4-19woody1_mipsel.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_mipsel.deb -
Debian xonix_1.4-19woody1_powerpc.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_powerpc.deb -
Debian xonix_1.4-19woody1_s390.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_s390.deb -
Debian xonix_1.4-19woody1_sparc.deb
Debian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/x/xonix/xonix_1.4-19woody 1_sparc.deb
References
Xonix X11 Game Insecure Privilege Dropping Vulnerability
References:
References: