Information on NetHack Security Issues

CVE-2023-24809NetHack Call command buffer overflow
CVE-2020-5254NetHack hilite_status parsing privilege escalation
CVE-2020-5253NetHack 3.4.3 privilege escalation
CVE-2020-5214Error recovery after syntax error in configuration file is subject to a buffer overflow
CVE-2020-5213SYMBOL configuration file option is subject to a buffer overflow
CVE-2020-5212MENUCOLOR configuration file option is subject to a buffer overflow
CVE-2020-5211AUTOCOMPLETE configuration file option is subject to a buffer overflow
CVE-2020-5210NetHack command line -w option parsing is subject to a buffer overflow
CVE-2020-5209Command line parsing of options starting with -de and -i is subject to a buffer overflow
CVE-2019-19905Privilege escalation/remote code execution/crash in configuration parsing

About
Known Bug List
Version 3.6.7
License
Known Bug Search
Archive
Policies
Site Map
Old News
Security Issues
Developer Resources
Old Versions
Contact Us

Hosted courtesy of alt.org.

NetHack is Copyright 1985-2023 by Stichting Mathematisch Centrum and M. Stephenson. See our license for details.
This site is Copyright 1999-2023 by Kenneth Lorber, Kensington, Maryland.