Bug 192983

Summary: CVE-2006-2575 Remote termination security issue
Product: [Fedora] Fedora Reporter: Jason Tibbitts <j>
Component: netpanzerAssignee: Hugo Cisneiros <hugo>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 5CC: extras-qa, fedora-security-list
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://www.securityfocus.com/archive/1/434908/30/0/threaded
Whiteboard:
Fixed In Version: 0.8-4 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-06-14 13:17:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Patch fixing this CVE none

Description Jason Tibbitts 2006-05-24 16:48:54 UTC 
The netPanzer server is subject to a DOS; it can be made to crash remotely.

Versions 0.8 and lower are vulnerable.

http://www.securityfocus.com/archive/1/434908/30/0/threaded

A CVE has not yet been assigned for this issue.
Comment 1 James Kosin 2006-05-24 17:11:58 UTC 
I'm not sure if I'd call a game that terminates unexpectedly a security risk.

But, to fix we should probably find out what values for FrameNum are acceptable 
and who is causing the problem to fail the ASSERT().
Comment 2 Jason Tibbitts 2006-05-24 17:17:49 UTC 
(In reply to comment #1)
> I'm not sure if I'd call a game that terminates unexpectedly a security risk.

Any less than we'd call a web server that terminates unexpectedly a security
risk?  But hey, if folks want to agree that we don't add remote termination
issues for "noncritical" applications (along with a definition of just what is
considered noncritical) then I'll abide by that.  Does the perception change if
a CVE is issued?
Comment 3 Hugo Cisneiros 2006-05-24 21:37:04 UTC 
Any fixes would be good to include. I'm currently watching this issue, as I am 
not a good programmer, I can't look at the source code at the time. However 
I'll try to make some efforts on this. If you have any updates, tell me. 
Regarding bug #192990, I'll look, make a patch from svn and update the 
release. Thanks for the attention.
Comment 4 Hans de Goede 2006-06-06 18:16:18 UTC 
Created attachment 130628 [details]
Patch fixing this CVE

Since no-one else was doing it I've taken a look at this, with as a result the
attached patch which fixes this.

I confirmed the crash with the exploit given in the URL above, and checked that
it no longer crashes with this patch.

I however didnot check if this influences play in anyway, someone who actually
plays the game should test this, especially the flag selection for a player.
Although I believe that there should be no influence.

p.s.

Whats going on with getting the fix for the other vulnerability from SVN?
Comment 5 Hugo Cisneiros 2006-06-14 13:17:29 UTC 
Package fixed. Closing. Thanks!