oss-sec mailing list archives
CVE Request -- Freeciv (X < 2.3.3): DoS (memory exhaustion or excessive CPU consumption) via malformed network packets
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Tue, 18 Dec 2012 09:13:44 -0500 (EST)
Hello Kurt, Steve, vendors,

Freeciv upstream has released 2.3.3 version correcting one security issue:

A denial of service flaw was found in the way the server component of Freeciv, a turn-based, multi-player, X based strategy game, processed certain packets (invalid packets with whole packet length lower than packet header size or syntactically valid packets, but whose processing would lead to an infinite loop). A remote attacker could send a specially-crafted packet that, when processed would lead to freeciv server to terminate (due to memory exhaustion) or become unresponsive (due to excessive CPU use).

References:
[1] http://aluigi.altervista.org/adv/freecivet-adv.txt
[2] https://bugs.gentoo.org/show_bug.cgi?id=447490
[3] http://freeciv.wikia.com/wiki/NEWS-2.3.3
[4] https://bugzilla.redhat.com/show_bug.cgi?id=888331

Upstream bug report:
[5] http://gna.org/bugs/?20003

Relevant patch (against trunk):
[6] http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
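The first malformed-packet case named in the message (a declared packet length smaller than the packet header) is a framing check a server has to make before it consumes anything. The sketch below is an added example, not code from the original post or from Freeciv's source: the 3-byte header layout (2-byte big-endian total length that includes the header, then a 1-byte type), the function names and the sample buffers are all assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define HDR_SIZE 3u /* assumed: 2-byte big-endian total length + 1-byte type */

enum frame_status { FRAME_OK = 0, FRAME_NEED_MORE = 1, FRAME_INVALID = -1 };

/* Inspect the start of buf and report the next frame's total size.
 * The length field counts the header itself, so a value below HDR_SIZE
 * can never be valid and is rejected instead of being "consumed". */
static enum frame_status next_frame(const uint8_t *buf, size_t avail,
                                    size_t *frame_len)
{
    if (avail < HDR_SIZE)
        return FRAME_NEED_MORE;          /* header not fully received yet */
    size_t declared = ((size_t)buf[0] << 8) | buf[1];
    if (declared < HDR_SIZE)
        return FRAME_INVALID;            /* shorter than its own header */
    if (declared > avail)
        return FRAME_NEED_MORE;          /* body not fully received yet */
    *frame_len = declared;
    return FRAME_OK;
}

/* Walk all complete frames in buf. Returns the number of frames seen, or
 * -1 if the peer sent a malformed frame (the caller should drop the
 * connection). *consumed receives the bytes used by valid frames. */
static int drain_frames(const uint8_t *buf, size_t avail, size_t *consumed)
{
    int frames = 0;
    size_t off = 0, len = 0;
    for (;;) {
        enum frame_status st = next_frame(buf + off, avail - off, &len);
        if (st == FRAME_INVALID) { *consumed = off; return -1; }
        if (st == FRAME_NEED_MORE) break;
        /* Without the declared < HDR_SIZE check, a length of 0 would leave
         * off unchanged here and this loop would spin forever. */
        off += len;
        frames++;
    }
    *consumed = off;
    return frames;
}

/* Constructed sample input: two valid frames, a frame declaring length 0,
 * and a frame whose body has not fully arrived. */
static const uint8_t sample_good[]    = {0x00, 0x05, 0x01, 0xAA, 0xBB, 0x00, 0x03, 0x02};
static const uint8_t sample_bad_len[] = {0x00, 0x05, 0x01, 0xAA, 0xBB, 0x00, 0x00, 0x02};
static const uint8_t sample_partial[] = {0x00, 0x05, 0x01, 0xAA};
```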