Debian Security Advisory DSA 334-1 (xgalaga) Network Vulnerability

Summary

The remote host is missing an update to xgalaga announced via advisory DSA 334-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20334-1

Insight

Steve Kemp discovered several buffer overflows in xgalaga, a game, which can be triggered by a long HOME environment variable. This vulnerability could be exploited by a local attacker to gain gid 'games'. For the stable distribution (woody) this problem has been fixed in version 2.0.34-19woody1. For the unstable distribution (sid) this problem is fixed in version 2.0.34-22. We recommend that you update your xgalaga package.

Severity

Classification

CVE CVE-2003-0454

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 002-1 (fsh)
Debian Security Advisory DSA 033-1 (analog)
Debian Security Advisory DSA 1015-1 (sendmail)
Debian Security Advisory DSA 058-1 (exim)
Debian Security Advisory DSA 054-1 (cron)

Take action and discover your vulnerabilities