POC details: 9c5cbe465bcc64afa681e5724419e798215d5a07

Source
Related vulnerability
Title: Nethack local buffer overflow vulnerability (CVE-2003-0358)
Description: nethack is a game program available on many system platforms. nethack lacks proper bounds checking on user-supplied arguments; a local attacker can exploit this flaw to carry out a buffer overflow attack and may execute arbitrary instructions on the system with the privileges of the game user. Specifically, nethack lacks proper bounds checking on the value of the -s option; supplying an overly long string as the value of this option triggers a buffer overflow. Because nethack is installed setuid game on Red Hat 8, a carefully crafted argument value may execute arbitrary instructions on the system with game user privileges.
Description
By passing an overly large string when invoking nethack, it is possible to corrupt memory. jnethack and falconseye are also prone to this vulnerability.
Introduction
# CVE-2003-0358

_Posting for historical reasons._

> * snowcrash
> * snowcra5h@icloud.com
> * https://github.com/snowcra5h/

## Description
> _Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option._

## References
- https://www.exploit-db.com/?author=4939
- https://nvd.nist.gov/vuln/detail/CVE-2003-0358
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11283
- http://nethack.sourceforge.net/v340/bugmore/secpatch.txt
- http://www.debian.org/security/2003/dsa-316
- http://www.debian.org/security/2003/dsa-350
- http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0
- http://www.securityfocus.com/bid/6806
File snapshot

[4.0K] /data/pocs/9c5cbe465bcc64afa681e5724419e798215d5a07
├── [1.0K] CVE-2003-0358.c
├── [ 708] CVE-2003-0358.pl
└── [ 765] README.md

0 directories, 3 files
The Shenlong bot has cached this for you.
Notes
    1. It is recommended to access the POC through the source first.
    2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
    3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.