Summary
The remote host is missing updates announced in
advisory GLSA 200603-23.
Solution
NetHack has been masked in Portage pending the resolution of these issues.
Vulnerable NetHack users are advised to uninstall the package until further notice.
# emerge --ask --verbose --unmerge 'games-roguelike/nethack'
Slash'EM has been masked in Portage pending the resolution of these issues. Vulnerable Slash'EM users are advised to uninstall the package until further notice.
# emerge --ask --verbose --unmerge 'games-roguelike/slashem'
Falcon's Eye has been masked in Portage pending the resolution of these issues. Vulnerable Falcon's Eye users are advised to uninstall the package until further notice.
# emerge --ask --verbose --unmerge 'games-roguelike/falconseye'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200603-23 http://bugs.gentoo.org/show_bug.cgi?id=125902
http://bugs.gentoo.org/show_bug.cgi?id=122376
http://bugs.gentoo.org/show_bug.cgi?id=127167
http://bugs.gentoo.org/show_bug.cgi?id=127319
Insight
NetHack, Slash'EM and Falcon's Eye are vulnerable to local privilege escalation vulnerabilities that could potentially allow the execution of arbitrary code as other users.
Severity
Classification
-
CVE CVE-2006-1390 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities