oss-sec mailing list archives
About CVE-2012-5645
From: Marko Lindqvist <cazfi74 () gmail com>
Date: Sat, 22 Dec 2012 02:26:40 +0200
I saw message that Freeciv bug #20003 has been assigned CVE-2012-5645 : http://seclists.org/oss-sec/2012/q4/484 I'd like to clarify things a bit. It was not single issue, but more like two separate issues. Most importantly this leads to patch listed (http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670) to fix only part of the problems described. Something like: A denial of service flaw was found in the way the server component of Freeciv, a turn-based, multi-player, X based strategy game, processed certain packets (invalid packets with whole packet length lower than packet header size). A remote attacker could send a specially-crafted packet that, when processed would lead to freeciv server to terminate (due to memory exhaustion) The other half: A denial of service flaw was found in the way the server component of Freeciv, a turn-based, multi-player, X based strategy game, processed certain packets (syntactically valid packets, but whose processing would lead to an infinite loop). A remote attacker could send a specially-crafted packet that, when processed would lead to freeciv server to become unresponsive (due to excessive CPU use). is fixed in http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21701 Both are fixed in 2.3.3 (and patch versions applied to the stable branch S2_3 release was made from: http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21672 , http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21703 ) - ML
Current thread:
- About CVE-2012-5645 Marko Lindqvist (Dec 21)
- Re: About CVE-2012-5645 Kurt Seifried (Dec 29)
- Re: About CVE-2012-5645 Marko Lindqvist (Dec 30)
- Re: About CVE-2012-5645 Kurt Seifried (Dec 30)
- Re: About CVE-2012-5645 Marko Lindqvist (Dec 30)
- Re: About CVE-2012-5645 Kurt Seifried (Dec 29)