4.6

CVE-2006-1390

Exploit

EPSS 0.22%
Published 25.03.2006 00:06:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Gentoo ≫ Linux Version0.5

Gentoo ≫ Linux Version0.7

Gentoo ≫ Linux Version1.1a

Gentoo ≫ Linux Version1.2

Gentoo ≫ Linux Version1.4

Gentoo ≫ Linux Version1.4 Updaterc1

Gentoo ≫ Linux Version1.4 Updaterc2

Gentoo ≫ Linux Version1.4 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.445

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://bugs.gentoo.org/show_bug.cgi?id=122376

Exploit

http://bugs.gentoo.org/show_bug.cgi?id=125902

Exploit

http://bugs.gentoo.org/show_bug.cgi?id=127167

http://bugs.gentoo.org/show_bug.cgi?id=127319

http://secunia.com/advisories/19376

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200603-23.xml

Patch

http://www.osvdb.org/24104

http://www.securityfocus.com/archive/1/428739/100/0/threaded

http://www.securityfocus.com/archive/1/428743/100/0/threaded

http://www.securityfocus.com/bid/17217

https://exchange.xforce.ibmcloud.com/vulnerabilities/25528

https://nvd.nist.gov/vuln/detail/CVE-2006-1390

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1390

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1390

EUVD