Multiple files vulnerable to a buffer overflow: - gnuchess is an updated version of the GNU chess playing program. It has a simple alpha-numeric board display, an IBM PC compatible interface, or it can be compiled for use with the chesstool program on a SUN workstation or with the xboard program under X-windows. - gnuan produces an analysis of a chess game. For each move it shows the move, the score and the principle variation selected by gnuchess. - isdnrep reads the isdnlog log files, generates reports, does statistics, and other things. It can also generate HTML output for use with a web server. ; By default the above are not suid. proof of concept code for the above can be found at: http://www.static-x.org/hax.php?pwned=code