BSD-Games pl_main.c 缓冲区溢出漏洞

漏洞信息详情

BSD-Games pl_main.c 缓冲区溢出漏洞

• CNNVD编号：CNNVD-200604-182
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2006-1744
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2006-04-12
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2006-04-26
  
• 厂        商：
  
  joey_hess
• 漏洞来源：
  Discovery is credi…

BSDgames 2.17-7之前的版本中的pl_main.c存在缓冲区溢出。这使得本地用户可以借助于在scanf函数调用中使用的长的玩家名称执行任意代码。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

bsd-games bsd-games 2.17

Debian bsdgames_2.17-1sarge1_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_alpha.deb

Debian bsdgames_2.17-1sarge1_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_amd64.deb

Debian bsdgames_2.17-1sarge1_arm.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_arm.deb

Debian bsdgames_2.17-1sarge1_hppa.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_hppa.deb

Debian bsdgames_2.17-1sarge1_i386.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_i386.deb

Debian bsdgames_2.17-1sarge1_ia64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_ia64.deb

Debian bsdgames_2.17-1sarge1_m68k.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_m68k.deb

Debian bsdgames_2.17-1sarge1_mips.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_mips.deb

Debian bsdgames_2.17-1sarge1_mipsel.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_mipsel.deb

Debian bsdgames_2.17-1sarge1_powerpc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_powerpc.deb

Debian bsdgames_2.17-1sarge1_s390.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_s390.deb

Debian bsdgames_2.17-1sarge1_sparc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.17- 1sarge1_sparc.deb

bsd-games bsd-games 2.13

Debian bsdgames_2.13-7woody0_alpha.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_alpha.deb

Debian bsdgames_2.13-7woody0_arm.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_arm.deb

Debian bsdgames_2.13-7woody0_hppa.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_hppa.deb

Debian bsdgames_2.13-7woody0_i386.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_i386.deb

Debian bsdgames_2.13-7woody0_ia64.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_ia64.deb

Debian bsdgames_2.13-7woody0_m68k.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_m68k.deb

Debian bsdgames_2.13-7woody0_mips.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_mips.deb

Debian bsdgames_2.13-7woody0_mipsel.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_mipsel.deb

Debian bsdgames_2.13-7woody0_powerpc.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_powerpc.deb

Debian bsdgames_2.13-7woody0_s390.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_s390.deb

Debian bsdgames_2.13-7woody0_sparc.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/b/bsdgames/bsdgames_2.13- 7woody0_sparc.deb

来源: OSVDB

名称: 24634

链接:http://www.osvdb.org/24634

来源: DEBIAN

名称: DSA-1036

链接:http://www.debian.org/security/2006/dsa-1036

来源: SECUNIA

名称: 19687

链接:http://secunia.com/advisories/19687

来源: BID

名称: 17401

链接:http://www.securityfocus.com/bid/17401

来源: MISC

链接:http://www.pulltheplug.org/fu/?q=node/56

来源: bugs.debian.org

链接:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360989

来源: SREASON

名称: 736

链接:http://securityreason.com/securityalert/736