golddig X11 Game Arbitrary File Overwrite Vulnerability
BID:1184
Info
golddig X11 Game Arbitrary File Overwrite Vulnerability
| Bugtraq ID: | 1184 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | May 09 2000 12:00AM |
| Updated: | May 09 2000 12:00AM |
| Credit: | This vulnerability was published in a FreeBSD security advisory on May 9, 2000 |
| Vulnerable: |
Alexander Siegel golddig 2.0 |
| Not Vulnerable: | |
Discussion
golddig X11 Game Arbitrary File Overwrite Vulnerability
A vulnerability exists in the golddig2 game, by Alexander Siegel. It was discovered during a security audit of the golddig2 package by the FreeBSD ports team, that the makelev program can be used to overwrite arbitrary files, as it is by default installed setuid root. The contents of the file is not arbitrary, however, so it is not immediately clear whether this program could be used to elevate privilege. That the makelev program being setuid is a potential security problem is documented in the original Makefile for golddig.
While this vulnerability exists in the ports package for FreeBSD 3, 4 and 5-current, it is not a FreeBSD vulnerability. Packages in the ports collection are not installed by default, and are provided as is.
A vulnerability exists in the golddig2 game, by Alexander Siegel. It was discovered during a security audit of the golddig2 package by the FreeBSD ports team, that the makelev program can be used to overwrite arbitrary files, as it is by default installed setuid root. The contents of the file is not arbitrary, however, so it is not immediately clear whether this program could be used to elevate privilege. That the makelev program being setuid is a potential security problem is documented in the original Makefile for golddig.
While this vulnerability exists in the ports package for FreeBSD 3, 4 and 5-current, it is not a FreeBSD vulnerability. Packages in the ports collection are not installed by default, and are provided as is.
Exploit / POC
golddig X11 Game Arbitrary File Overwrite Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
golddig X11 Game Arbitrary File Overwrite Vulnerability
Solution:
Updated ports packages have been issued by FreeBSD. Users seeking to fix golddig on platforms other than FreeBSD should simply remove the setuid bit.
Solution:
Updated ports packages have been issued by FreeBSD. Users seeking to fix golddig on platforms other than FreeBSD should simply remove the setuid bit.
References
golddig X11 Game Arbitrary File Overwrite Vulnerability
References:
References: