Vulnerabilities > CVE-2005-2864 - Local Security vulnerability in Urban

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
urban
nessus

Summary

URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a symlink attack on the (1) high score or (2) save game files.

Vulnerable Configurations

Part Description Count
Application
Urban
1

Nessus

NASL familyFreeBSD Local Security Checks
NASL idFREEBSD_PKG_08DF5D461BAF11DA80380040F42D58C6.NASL
descriptionSeveral filename-related stack overflow bugs allow a local attacker to elevate its privileges to the games group, since urban is installed setgid games. Issue discovered and fixed by <[email protected]>.
last seen2020-06-01
modified2020-06-02
plugin id21382
published2006-05-13
reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/21382
titleFreeBSD : urban -- stack overflow vulnerabilities (08df5d46-1baf-11da-8038-0040f42d58c6)