FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2b4d5288-447e-11d9-9ebb-000854d03344	rockdodger -- buffer overflows The environment variable HOME is copied without regard to buffer size, which can be used to gain elevated privilege if the binary is installed setgid games, and a string is read from the high score file without bounds check. The port installs the binary without setgid, but with a world-writable high score file. Discovery 2004-10-29 Entry 2004-12-02 rockdodger < 0.6_3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278878

VuXML ID

Description

2b4d5288-447e-11d9-9ebb-000854d03344

rockdodger -- buffer overflows

The environment variable HOME is copied without regard to buffer size, which can be used to gain elevated privilege if the binary is installed setgid games, and a string is read from the high score file without bounds check.

The port installs the binary without setgid, but with a world-writable high score file.

Discovery 2004-10-29
Entry 2004-12-02
rockdodger

< 0.6_3

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278878