• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Atari800 Emulator Multiple Local Buffer Overflow Vulnerabilities

Atari800 is reported prone to multiple local buffer overflow vulnerabilities. The issues exist in 'log.c' and 'rt-config.c' files and are due to a lack of sufficient boundary checks performed on user-supplied data.

A local attacker may exploit these vulnerabilities to have arbitrary attacker supplied instructions executed in the context of the vulnerable utility.

These vulnerabilities are reported to affect Atari800 1.3.1 and previous other versions might also be affected. It is reported that this application is installed setuid superuser when it is compiled to utilize SVGALIB.

This issue may be related to BID 8322.