Debian Security Advisory DSA 356-1 (xtokkaetama) Network Vulnerability

Summary

The remote host is missing an update to xtokkaetama announced via advisory DSA 356-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20356-1

Insight

Steve Kemp discovered two buffer overflows in xtokkaetama, a puzzle game, when processing the -display command line option and the XTOKKAETAMADIR environment variable. These vulnerabilities could be exploited by a local attacker to gain gid 'games'. For the current stable distribution (woody) this problem has been fixed in version 1.0b-6woody1. For the unstable distribution (sid) this problem is fixed in version 1.0b-8. We recommend that you update your xtokkaetama package.

Severity

Classification

CVE CVE-2003-0611

CVSS	Base Score: 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1062-1 (kphone)
Debian Security Advisory DSA 1144-1 (chmlib)
Debian Security Advisory DSA 1121-1 (postgrey)
Debian Security Advisory DSA 067-1 (apache,apache-ssl)
Debian Security Advisory DSA 068-1 (openldap)

Take action and discover your vulnerabilities