NetBSD 'hack(6)' Multiple Privilege Escalation Vulnerabilities

NetBSD 'hack(6)' Multiple Privilege Escalation Vulnerabilities

The NetBSD 'hack(6)' game is prone to multiple privilege-escalation vulnerabilities caused by buffer-overflow errors because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

A local attacker may exploit these issues to elevate privileges to the 'games' group.