• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Xbreaky File Corruption Vulnerability

The xbreaky game is prone to symbolic link attacks, which may allow local attackers to corrupt arbitrary system files.

When xbreaky writes to the high score file, it will follow any symbolic links. Since xbreaky is installed setuid root by default, an attacker could create a symbolic link to an arbitrary file and then when the highscore file is written to, the file pointed to by the symbolic link will also be written to.

There may be some possibility of exploiting this condition to elevate privileges, if the attacker causes system files to be corrupted with custom data.