Vulnerabilities > CVE-2006-0047 - Resource Management Errors vulnerability in Freeciv
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Freeciv <= 2.0.7 (Jumbo Malloc) Denial of Service Crash. CVE-2006-0047. Dos exploit for windows platform |
| id | EDB-ID:1557 |
| last seen | 2016-01-31 |
| modified | 2006-03-06 |
| published | 2006-03-06 |
| reporter | Luigi Auriemma |
| source | https://www.exploit-db.com/download/1557/ |
| title | Freeciv <= 2.0.7 Jumbo Malloc Denial of Service Crash |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2006-053.NASL description A Denial of Service vulnerability was discovered in the civserver component of the freeciv game on certain incoming packets. The updated packages have been patched to fix this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 21028 published 2006-03-08 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21028 title Mandrake Linux Security Advisory : freeciv (MDKSA-2006:053) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2006:053. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(21028); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:48"); script_cve_id("CVE-2006-0047"); script_xref(name:"MDKSA", value:"2006:053"); script_name(english:"Mandrake Linux Security Advisory : freeciv (MDKSA-2006:053)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A Denial of Service vulnerability was discovered in the civserver component of the freeciv game on certain incoming packets. The updated packages have been patched to fix this issue." ); script_set_attribute( attribute:"solution", value: "Update the affected freeciv-client, freeciv-data and / or freeciv-server packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_cwe_id(20); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:freeciv-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:freeciv-data"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:freeciv-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006"); script_set_attribute(attribute:"patch_publication_date", value:"2006/03/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/03/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2006.0", reference:"freeciv-client-2.0.4-2.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"freeciv-data-2.0.4-2.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"freeciv-server-2.0.4-2.1.20060mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200603-11.NASL description The remote host is affected by the vulnerability described in GLSA-200603-11 (Freeciv: Denial of Service) Luigi Auriemma discovered that Freeciv could be tricked into the allocation of enormous chunks of memory when trying to uncompress malformed data packages, possibly leading to an out of memory condition which causes Freeciv to crash or freeze. Impact : A remote attacker could exploit this issue to cause a Denial of Service by sending specially crafted data packages to the Freeciv game server. Workaround : Play solo games or restrict your multiplayer games to trusted parties. last seen 2020-06-01 modified 2020-06-02 plugin id 21084 published 2006-03-16 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21084 title GLSA-200603-11 : Freeciv: Denial of Service code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200603-11. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(21084); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:32:43"); script_cve_id("CVE-2006-0047"); script_xref(name:"GLSA", value:"200603-11"); script_name(english:"GLSA-200603-11 : Freeciv: Denial of Service"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200603-11 (Freeciv: Denial of Service) Luigi Auriemma discovered that Freeciv could be tricked into the allocation of enormous chunks of memory when trying to uncompress malformed data packages, possibly leading to an out of memory condition which causes Freeciv to crash or freeze. Impact : A remote attacker could exploit this issue to cause a Denial of Service by sending specially crafted data packages to the Freeciv game server. Workaround : Play solo games or restrict your multiplayer games to trusted parties." ); script_set_attribute( attribute:"see_also", value:"http://aluigi.altervista.org/adv/freecivdos-adv.txt" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200603-11" ); script_set_attribute( attribute:"solution", value: "All Freeciv users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=games-strategy/freeciv-2.0.8'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_cwe_id(20); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:freeciv"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/03/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/03/16"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"games-strategy/freeciv", unaffected:make_list("ge 2.0.8"), vulnerable:make_list("lt 2.0.8"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Freeciv"); }NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_339FBBC14D2311DBB48D00508D6A62DF.NASL description Secunia reports : Luigi Auriemma has reported a vulnerability in Freeciv, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of the packet length in last seen 2020-06-01 modified 2020-06-02 plugin id 22453 published 2006-09-27 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/22453 title FreeBSD : freeciv -- Packet Parsing Denial of Service Vulnerability (339fbbc1-4d23-11db-b48d-00508d6a62df) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-994.NASL description Luigi Auriemma discovered a denial of service condition in the free Civilization server that allows a remote user to trigger a server crash. last seen 2020-06-01 modified 2020-06-02 plugin id 22860 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22860 title Debian DSA-994-1 : freeciv - denial of service
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211
- http://secunia.com/advisories/19120
- http://www.securityfocus.com/bid/16975
- http://www.gentoo.org/security/en/glsa/glsa-200603-11.xml
- http://secunia.com/advisories/19253
- http://www.debian.org/security/2006/dsa-994
- http://secunia.com/advisories/19227
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:053
- http://www.vupen.com/english/advisories/2006/0838
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25166
- http://www.securityfocus.com/archive/1/426866/100/0/threaded