MDKSA-2006:135
- Package name: freeciv
- Date: 2006-07-31
- Advisory ID: MDKSA-2006:135
- Affected versions: 2006.0 i586, 2006.0 x86_64
Problem description
Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul
2006 and earlier, allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a (1) negative
chunk_length or a (2) large chunk->offset value in a
PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the
generic_handle_player_attribute_chunk function in common/packets.c, and
(3) a large packet->length value in the handle_unit_orders function in
server/unithand.c.
The updated packages have been patched to fix this issue.
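
The bounds checks that cases (1) and (2) call for, as an added example; this is not Freeciv's code or the Mandriva patch. The struct layout, the total_length field, the size limits and all function names are assumptions made for illustration, and case (3) in handle_unit_orders is not covered.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical limits and layout, chosen for this example only. */
#define CHUNK_DATA_MAX 1400          /* bytes carried by one chunk */
#define ATTR_BLOCK_MAX (64 * 1024)   /* largest reassembled block accepted */

struct attr_chunk {
    int offset;        /* where this chunk lands in the block */
    int total_length;  /* claimed size of the whole block (assumed field) */
    int chunk_length;  /* number of valid bytes in data[] */
    unsigned char data[CHUNK_DATA_MAX];
};

/* Returns 1 only if copying the chunk stays inside both buffers. */
int attr_chunk_is_valid(const struct attr_chunk *c)
{
    if (c->total_length <= 0 || c->total_length > ATTR_BLOCK_MAX)
        return 0;
    /* Case (1): a negative length turns into a huge size_t in memcpy. */
    if (c->chunk_length < 0 || c->chunk_length > CHUNK_DATA_MAX)
        return 0;
    /* Case (2): the offset must lie inside the claimed block. */
    if (c->offset < 0 || c->offset > c->total_length)
        return 0;
    /* Subtract instead of adding so the comparison cannot overflow. */
    if (c->chunk_length > c->total_length - c->offset)
        return 0;
    return 1;
}

/* Copies a validated chunk into block; 0 on success, -1 if rejected. */
int attr_chunk_apply(unsigned char *block, size_t block_size,
                     const struct attr_chunk *c)
{
    if (!attr_chunk_is_valid(c) || (size_t)c->total_length > block_size)
        return -1;
    memcpy(block + c->offset, c->data, (size_t)c->chunk_length);
    return 0;
}

/* Builds a constructed chunk header and runs it through the checks. */
int try_chunk(int offset, int total_length, int chunk_length)
{
    static unsigned char block[ATTR_BLOCK_MAX];
    struct attr_chunk c = { offset, total_length, chunk_length, { 0 } };
    return attr_chunk_apply(block, sizeof block, &c);
}
```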
Updated packages
2006.0 i586
5ddab58ab94283b8c4398875a2a845de 2006.0/RPMS/freeciv-client-2.0.4-2.2.20060mdk.i586.rpm
218f597230b3435da9a41a6cc1f27826 2006.0/RPMS/freeciv-data-2.0.4-2.2.20060mdk.i586.rpm
ee661fb04809a50f893342ac350dfc3f 2006.0/RPMS/freeciv-server-2.0.4-2.2.20060mdk.i586.rpm
73be75ec52570bc9a58eed1f94916135 2006.0/SRPMS/freeciv-2.0.4-2.2.20060mdk.src.rpm
2006.0 x86_64
5c0a814a9abb1d374837141815fccb7a x86_64/2006.0/RPMS/freeciv-client-2.0.4-2.2.20060mdk.x86_64.rpm
454360b2ce12207760c7e4325c8e5c3f x86_64/2006.0/RPMS/freeciv-data-2.0.4-2.2.20060mdk.x86_64.rpm
dea806eb51d3c13f893a3adcd9866f85 x86_64/2006.0/RPMS/freeciv-server-2.0.4-2.2.20060mdk.x86_64.rpm
73be75ec52570bc9a58eed1f94916135 x86_64/2006.0/SRPMS/freeciv-2.0.4-2.2.20060mdk.src.rpm
