PatR

4 exploits Active since Dec 2019
CVE-2019-19905 WRITEUP CRITICAL WRITEUP
NetHack 3.6.0-3.6.3 - Buffer Overflow via Long Configuration File Lines
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
CVSS 9.8
CVE-2019-19905 WRITEUP CRITICAL WRITEUP
NetHack 3.6.0-3.6.3 - Buffer Overflow via Long Configuration File Lines
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
CVSS 9.8
CVE-2020-5209 WRITEUP MEDIUM WRITEUP
Nethack < 3.6.5 - Buffer Overflow
In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5.
CVSS 5.0
CVE-2020-5210 WRITEUP MEDIUM WRITEUP
NetHack < 3.6.5 - Buffer Overflow via -w Command Line Option
In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5.
CVSS 5.0