In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. #### Notes Author| Note ---|--- [msalvatore](<https://launchpad.net/~msalvatore>) | Nethack is installed sgid games, but not suid or sgid root.
|OS||OS Version||Package Name||Package Version|