Vulnerabilities > CVE-2002-1245 - Unspecified vulnerability in Frank Mcingvale Luxman 0.41
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-189.NASL |
| description | iDEFENSE reported about a vulnerability in LuxMan, a maze game for GNU/Linux, similar to the PacMan arcade game. When successfully exploited a local attacker gains read-write access to the memory, leading to a local root compromise in many ways, examples of which include scanning the file for fragments of the master password file and modifying kernel memory to re-map system calls. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 15026 |
| published | 2004-09-29 |
| reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/15026 |
| title | Debian DSA-189-1 : luxman - local root exploit |