Package: rocksndiamonds
Version: 3.3.0.1+dfsg1-1
Severity: grave
Tags: security
Justification: user security hole

The ~/.rocksndiamonds directory and its subdirectories are created as writable to anybody. This allows an attacker to overwrite arbitrary files by doing this:
1) Delete the /home/victim/.rocksndiamonds/cache/artworkinfo.cache file.
2) Create new /home/victim/.rocksndiamonds/cache/artworkinfo.cache as a symlink to a file you want to overwrite.
3) Wait until the victim runs the game.

--
Jakub Wilk



--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to