漏洞信息详情
Freeciv 'packets.c'缓冲区溢出漏洞
- CNNVD编号:CNNVD-200607-490
- 危害等级: 高危
- CVE编号: CVE-2006-3913
- 漏洞类型: 缓冲区溢出
- 发布时间: 2006-07-27
- 威胁类型: 远程
- 更新时间: 2006-08-02
- 厂 商: freeciv
- 漏洞来源: Luigi Auriemma dis...
漏洞简介
Freeciv 2.1.0-beta1及之前版本和SVN 15 Jul 2006及之前版本存在缓冲区溢出。远程攻击者可以借助common/packets.c的generic_handle_player_attribute_chunk 函数中的PACKET_PLAYER_ATTRIBUTE_CHUNK 数据包中的(1) 负 chunk_length或(2)大chunk->offset 值,以及server/unithand.c的handle_unit_orders 函数中的(3) 大packet->length值,引起拒绝服务(崩溃)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Freeciv Freeciv 2.0.1
Debian freeciv-client-gtk_2.0.1-1sarge2_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_alpha.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_amd64.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_arm.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_hppa.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_i386.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_ia64.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_m68k.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_mips.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_mipsel.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_powerpc.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_s390.deb
Debian freeciv-client-gtk_2.0.1-1sarge2_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- gtk_2.0.1-1sarge2_sparc.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_alpha.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_amd64.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_arm.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_hppa.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_i386.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_ia64.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_m68k.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_mips.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client- xaw3d_2.0.1-1sarge2_mipsel.deb
Debian freeciv-client-xaw3d_2.0.1-1sarge2_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://sec
参考网址
来源: BUGTRAQ
名称: 20060723 Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006)
链接:http://www.securityfocus.com/archive/1/archive/1/441042/100/0/threaded
来源: SECUNIA
名称: 21254
链接:http://secunia.com/advisories/21254
来源: MANDRIVA
名称: MDKSA-2006:135
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:135
来源: BID
名称: 19117
链接:http://www.securityfocus.com/bid/19117
来源: VUPEN
名称: ADV-2006-2942
链接:http://www.frsirt.com/english/advisories/2006/2942
来源: SECUNIA
名称: 21171
链接:http://secunia.com/advisories/21171
来源: MISC
链接:http://aluigi.altervista.org/adv/freecivx-adv.txt
来源: XF
名称: freeciv-unithand-dos(27956)
链接:http://xforce.iss.net/xforce/xfdb/27956
来源: XF
名称: freeciv-packetsc-dos(27955)
链接:http://xforce.iss.net/xforce/xfdb/27955
来源: MANDRIVA
名称: MDKSA-2006:135
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:135
来源: DEBIAN
名称: DSA-1142
链接:http://www.debian.org/security/2006/dsa-1142
来源: SREASON
名称: 1296
链接:http://securityreason.com/securityalert/1296
来源: SECUNIA
名称: 21352
链接:http://secunia.com/advisories/21352
受影响实体
- Freeciv Freeciv:2.1.0_beta1
补丁
暂无
评论