5 matches found
Debian DSA-1102-1 : pinball - design error
Steve Kemp from the Debian Security Audit project discovered that pinball, a pinball simulator, can be tricked into loading level plugins from user-controlled directories without dropping privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
[SECURITY] [DSA 1102-1] New pinball packages fix privilege escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1102-1 [email protected] http://www.debian.org/security/ Steve Kemp June 26th, 2006 http://www.debian.org/security/faq -...
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges...
CVE-2006-2196
CVE-2006-2196 affects pinball 0.3.1. Several connected sources confirm a local privilege-escalation flaw where pinball can be tricked into loading level plugins from a user-controlled directory without dropping privileges. Debian DSA-1102 documents the fix/update paths (0.3.1-3sarge1 for sarge; o...
[SECURITY] [DSA 1102-1] New pinball packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1102-1 [email protected] http://www.debian.org/security/ Steve Kemp June 26th, 2006 http://www.debian.org/security/faq -...