Insecure Permissions in Nethack 3.4.0 and Earlier: Privilege Escalation Vulnerability

Insecure Permissions in Nethack 3.4.0 and Earlier: Privilege Escalation Vulnerability

CVE-2003-0359 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.

Learn more about our User Device Pen Test.