Freeciv Remote Denial Of Service Vulnerability
BID:16975
Info
Freeciv Remote Denial Of Service Vulnerability
| Bugtraq ID: | 16975 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-0047 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 06 2006 12:00AM |
| Updated: | Dec 14 2006 06:58PM |
| Credit: | Discovery of this vulnerability is credited to Luigi Auriemma. |
| Vulnerable: |
Mandriva Linux Mandrake 2006.0 x86_64 Mandriva Linux Mandrake 2006.0 Gentoo Linux Freeciv Freeciv 2.0.7 Freeciv Freeciv 2.0.4 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia-64 Debian Linux 3.0 ia-32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 |
| Not Vulnerable: |
Freeciv Freeciv 2.0.8 |
Discussion
Freeciv Remote Denial Of Service Vulnerability
The Freeciv game server is reported prone to a remote denial-of-service vulnerability.
A remote attacker may exploit this issue to deny service for legitimate users.
The Freeciv game server is reported prone to a remote denial-of-service vulnerability.
A remote attacker may exploit this issue to deny service for legitimate users.
Exploit / POC
Freeciv Remote Denial Of Service Vulnerability
This issue can be exploited by sending a malformed large packet to an affected game server.
This issue can be exploited by sending a malformed large packet to an affected game server.
Solution / Fix
Freeciv Remote Denial Of Service Vulnerability
Solution:
The vendor has released an update to address this issue.
Please see the reference section for advisories and more information.
Freeciv Freeciv 2.0.4
Freeciv Freeciv 2.0.7
Solution:
The vendor has released an update to address this issue.
Please see the reference section for advisories and more information.
Freeciv Freeciv 2.0.4
-
Mandriva freeciv-client-2.0.4-2.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads/ -
Mandriva freeciv-client-2.0.4-2.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads/ -
Mandriva freeciv-data-2.0.4-2.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads/ -
Mandriva freeciv-data-2.0.4-2.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads/ -
Mandriva freeciv-server-2.0.4-2.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads/ -
Mandriva freeciv-server-2.0.4-2.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads/
Freeciv Freeciv 2.0.7
-
Freeciv freeciv-2.0.8.tar.gz
http://prdownloads.sourceforge.net/freeciv/freeciv-2.0.8.tar.gz
References
Freeciv Remote Denial Of Service Vulnerability
References:
References:
- Debian Bug report logs - #355211 - freeciv-server: security hole (Debian)
- Freeciv Changelog (Freeciv)
- Warcraft Resurrection Homepage (Warzone Resurrection)