Bug 65317 (CVE-2005-0099)

Summary: VUL-0: CVE-2005-0099: abuse: two security-related bugs
Product: [Novell Products] SUSE Security Incidents Reporter: Thomas Biege <thomas>
Component: IncidentsAssignee: Lukas Tinkl <ltinkl>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: CVE-2005-0099: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: abuse-patch2.diff

Description Thomas Biege 2005-01-31 17:24:52 UTC
Hello Lukas, 
these two bugs should be fixed in stable. 
Steve Kemp discovered several vulnerabilities in abuse, the SDL port 
of the Abuse action game, which could lead to the execution of 
arbitrary code with elevated privileges since it is installed setuid 
root.  The Common Vulnerabilities and Exposures project identifies the 
following problems: 
    Buffer overflows in the command line handling. 
    Insecure file creation may lead to the creation of arbitrary 
I'm attaching Steve's patches for both.  Please let me know if we 
need coordination. 
Comment 1 Thomas Biege 2005-01-31 17:24:52 UTC
<!-- SBZ_reproduce  -->
Comment 2 Thomas Biege 2005-01-31 17:25:49 UTC
I forward you the patch in an email. 
Comment 3 Lukas Tinkl 2005-02-02 19:05:17 UTC
Is there a corrected patch? The one you'd sent me didn't look ok.
Comment 4 Thomas Biege 2005-02-03 00:54:18 UTC
Do you mean parts liek this?

-      strcpy(name,argv[i]);
+      strncpy(name,argv[i],sizeof(name)-1);
+      name[sizeof(name)]='\0';

And the setuid() stuff?

I'll rewrite it and attach it here...
Comment 5 Thomas Biege 2005-02-03 01:45:46 UTC
Created attachment 28150 [details]

Patch for 9.0.

The code looks like it contains more "security gems" but it's a waste of time
to audit code of games. :)
Comment 6 Lukas Tinkl 2005-02-07 21:59:26 UTC
Fixed package submitted
Comment 7 Thomas Biege 2009-10-13 21:00:59 UTC
CVE-2005-0099: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)