FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

urban -- stack overflow vulnerabilities

Affected packages
urban < 1.5.3_2

Details

VuXML ID 08df5d46-1baf-11da-8038-0040f42d58c6
Discovery 2005-09-02
Entry 2005-09-02
Modified 2005-09-22

Several filename-related stack overflow bugs allow a local attacker to elevate its privileges to the games group, since urban is installed setgid games.

Issue discovered and fixed by <shaun@rsc.cx>.

References

CVE Name CVE-2005-2864
Message 55104.213.107.125.108.1125844783.squirrel@webmail.rsc.cx

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.