freeciv -- Denial of Service Vulnerabilities

2006-07-2300:00:00

vuxml.freebsd.org

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.064 Low

EPSS

Percentile

93.7%

JSON

Secunia reports:

Luigi Auriemma has reported a vulnerability in Freeciv,
which can be exploited by malicious people to cause a DoS
(Denial of Service).
An error in the “generic_handle_player_attribute_chunk()”
function in common/packets.c can be exploited to crash the
service via a specially crafted
PACKET_PLAYER_ATTRIBUTE_CHUNK packet sent to the server.
An error in the “handle_unit_orders()” function in
server/unithand.c can be exploited to crash the service
via a specially crafted packet.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfreeciv< 2.0.8_2UNKNOWN
FreeBSDanynoarchfreeciv-gtk< 2.0.8_2UNKNOWN
FreeBSDanynoarchfreeciv-gtk2< 2.0.8_2UNKNOWN
FreeBSDanynoarchfreeciv-nox11< 2.0.8_2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	freeciv	< 2.0.8_2	UNKNOWN
FreeBSD	any	noarch	freeciv-gtk	< 2.0.8_2	UNKNOWN
FreeBSD	any	noarch	freeciv-gtk2	< 2.0.8_2	UNKNOWN
FreeBSD	any	noarch	freeciv-nox11	< 2.0.8_2	UNKNOWN