oss-security December 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: [oss-security] CVE request: rocksndiamonds world-w

[oss-security] CVE request: rocksndiamonds world-writable working/config directory

From: Vincent Danen <vdanen_at_nospam>
Date: Mon Dec 12 2011 - 16:24:56 GMT
To: oss-security@lists.openwall.com

rocksndiamonds creates its ~/.rocksndiamonds/ directory as
world-writable. This could allow a local attacker to replace a cache
file with a symbolic link to a file they would not otherwise have access
to, and the next time the victim loaded the game, it would be

Could a CVE be assigned to this please?



-- Vincent Danen / Red Hat Security Response Team