Vulnerabilities > CVE-2005-2864
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN nessus
Summary
URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a symlink attack on the (1) high score or (2) save game files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_PKG_08DF5D461BAF11DA80380040F42D58C6.NASL |
| description | Several filename-related stack overflow bugs allow a local attacker to elevate its privileges to the games group, since urban is installed setgid games. Issue discovered and fixed by <[email protected]>. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 21382 |
| published | 2006-05-13 |
| reporter | This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/21382 |
| title | FreeBSD : urban -- stack overflow vulnerabilities (08df5d46-1baf-11da-8038-0040f42d58c6) |