Home page logo
/

oss-sec logo oss-sec mailing list archives

About CVE-2012-5645
From: Marko Lindqvist <cazfi74 () gmail com>
Date: Sat, 22 Dec 2012 02:26:40 +0200

I saw message that Freeciv bug #20003 has been assigned
CVE-2012-5645 : http://seclists.org/oss-sec/2012/q4/484

I'd like to clarify things a bit. It was not single issue, but more
like two separate issues. Most importantly this leads to patch listed
(http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670) to
fix only part of the problems described. Something like:

A denial of service flaw was found in the way the server component
of Freeciv, a turn-based, multi-player, X based strategy game,
processed certain packets (invalid packets with whole packet
length lower than packet header size). A
remote attacker could send a specially-crafted packet that, when
processed would lead to freeciv server to terminate (due to memory
exhaustion)


The other half:
A denial of service flaw was found in the way the server component
of Freeciv, a turn-based, multi-player, X based strategy game,
processed certain packets (syntactically valid
packets, but whose processing would lead to an infinite loop). A
remote attacker could send a specially-crafted packet that, when
processed would lead to freeciv server to become unresponsive (due to
excessive CPU use).

is fixed in
http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21701



 Both are fixed in 2.3.3 (and patch versions applied to the stable
branch S2_3 release was made from:
http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21672 ,
http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21703 )


 - ML


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]