Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. Reference and upstream patch: http://nethack.sourceforge.net/v340/bugmore/secpatch.txt
Current version is > 3.4.0 and not affected by this