Date: Tue, 18 Dec 2012 09:13:44 -0500 (EST) From: Jan Lieskovsky <jlieskov@...hat.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE Request -- Freeciv (X < 2.3.3): DoS (memory exhaustion or excessive CPU consumption) via malformed network packets Hello Kurt, Steve, vendors, Freeciv upstream has released 2.3.3 version correcting one security issue: A denial of service flaw was found in the way the server component of Freeciv, a turn-based, multi-player, X based strategy game, processed certain packets (invalid packets with whole packet length lower than packet header size or syntactically valid packets, but whose processing would lead to an infinite loop). A remote attacker could send a specially-crafted packet that, when processed would lead to freeciv server to terminate (due to memory exhaustion) or become unresponsive (due to excessive CPU use). References:  http://aluigi.altervista.org/adv/freecivet-adv.txt  https://bugs.gentoo.org/show_bug.cgi?id=447490  http://freeciv.wikia.com/wiki/NEWS-2.3.3  https://bugzilla.redhat.com/show_bug.cgi?id=888331 Upstream bug report:  http://gna.org/bugs/?20003 Relevant patch (against trunk):  http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670 Could you allocate a CVE id for this? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ