Date: Tue, 18 Dec 2012 09:13:44 -0500 (EST) From: Jan Lieskovsky <jlieskov@...hat.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE Request -- Freeciv (X < 2.3.3): DoS (memory exhaustion or excessive CPU consumption) via malformed network packets Hello Kurt, Steve, vendors, Freeciv upstream has released 2.3.3 version correcting one security issue: A denial of service flaw was found in the way the server component of Freeciv, a turn-based, multi-player, X based strategy game, processed certain packets (invalid packets with whole packet length lower than packet header size or syntactically valid packets, but whose processing would lead to an infinite loop). A remote attacker could send a specially-crafted packet that, when processed would lead to freeciv server to terminate (due to memory exhaustion) or become unresponsive (due to excessive CPU use). References:  http://aluigi.altervista.org/adv/freecivet-adv.txt  https://bugs.gentoo.org/show_bug.cgi?id=447490  http://freeciv.wikia.com/wiki/NEWS-2.3.3  https://bugzilla.redhat.com/show_bug.cgi?id=888331 Upstream bug report:  http://gna.org/bugs/?20003 Relevant patch (against trunk):  http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670 Could you allocate a CVE id for this? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.