Published: 17/11/2003 Updated: 10/09/2008

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 465

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in marbles 1.0.2 and previous versions allows local users to gain privileges via a long HOME environment variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
marbles marbles 1.0.1

Steve Kemp discovered a buffer overflow in marbles, when processing the HOME environment variable This vulnerability could be exploited by a local user to gain gid 'games' For the current stable distribution (woody) this problem has been fixed in version 102-1woody1 For the unstable distribution (sid) this problem will be fixed soon We recomm ...

source: wwwsecurityfocuscom/bid/8710/info A problem in the handling of data in the Home environment variable has been reported in the marbles program This may make it possible for a local attacker to gain elevated privileges /* c-marblesc * * PoC exploit made for advisory based uppon an local stack based overflow * Vulnerable ver ...

NVD-CWE-Other http://www.debian.org/security/2003/dsa-390 https://nvd.nist.gov https://www.debian.org/security/./dsa-390 https://www.exploit-db.com/exploits/23189/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0830

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect