Freeciv 2.3.36/1/2023 Packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.īuffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c. Name : freeciv Version : 2.3.3 Vendor : Fedora Project Release : 1.fc17 Date : 15:46:00 Group : Amusements/Games Source RPM : freeciv-2.3. This version is for Linux users and those wishing to acquire a copy of the game's source code. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption. This is version 2.3.3 of FreeCiv, released on the 8th of December, 2012. Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL.įreeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.įreeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.Ī denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets.
0 Comments
Leave a Reply. |