|
|
Family: Debian Local Security Checks --> Category: infos
[DSA432] DSA-432-1 crawl Vulnerability Scan
Vulnerability Scan Summary
DSA-432-1 crawl
Detailed Explanation for this Vulnerability Test
Steve Kemp from the Debian Security Audit Project discovered a problem in
crawl, another console based dungeon exploration game, in the vein of
nethack and rogue. The program uses several environment variables as
inputs but doesn't apply a size check before copying one of them into
a fixed size buffer.
For the stable distribution (woody) this problem has been fixed in
version 4.0.0beta23-2woody1.
For the unstable distribution (sid) this problem has been fixed in
version 4.0.0beta26-4.
We recommend that you upgrade your crawl package.
Solution : http://www.debian.org/security/2004/dsa-432
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
