[STX] Multiple Security Vulnerabilities
Date: 3 Jul 2003 17:39:11 -0000 To: firstname.lastname@example.org('binary' encoding is not supported, stored as-is)
Multiple files vulnerable to a buffer overflow:
gnuchess is an updated version of the GNU chess playing program. It has a
simple alpha-numeric board display, an IBM PC compatible interface, or it
can be compiled for use with the chesstool program on a SUN workstation or
with the xboard program under X-windows.
gnuan produces an analysis of a chess game. For each move it shows the
move, the score and the principle variation selected by gnuchess.
isdnrep reads the isdnlog log files, generates reports, does
statistics, and other things. It can also generate HTML output for use
with a web server.
; By default the above are not suid.
proof of concept code for the above can be found at: