Bug 192990 - CVE-2005-2295 - netpanzer server remote DOS
Summary: CVE-2005-2295 - netpanzer server remote DOS
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: netpanzer (Show other bugs)
(Show other bugs)
Version: 5
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Hugo Cisneiros
QA Contact: Fedora Extras Quality Assurance
URL: http://nvd.nist.gov/nvd.cfm?cvename=C...
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-05-24 17:12 UTC by Jason Tibbitts
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version: 0.8-4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-06-14 13:18:46 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Jason Tibbitts 2006-05-24 17:12:29 UTC
(from the CVE):
NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service
(infinite loop) via a packet with a zero datablock size.

It seems this has been fixed in upstream SVN, but no release has been made and
unfortunately upstream webSVN seems not to be responding for me.

Comment 1 Hans de Goede 2006-05-24 17:29:32 UTC
Erm, Tibs isn't this a duplicate of 192983, I understand you want to have a bug
with the CVE in the summary now that there is a CVE, but you could have just
changed the summary of 192983. I'm inclined to close this as a dup of 192983,
but Ill leave that up to you or Hugo.

Hugo let me know if you need any assistence with this one.


Comment 2 Chris Ricker 2006-05-24 17:31:57 UTC
They're two different bugs

Comment 3 Jason Tibbitts 2006-05-24 17:50:09 UTC
Yes, this is an older issue that I noticed when searching the CVE database for
netpanzer isues.  It has a fix in SVN although I wasn't able to extract it; the
other bug has no fix that I know of.

Comment 4 Hugo Cisneiros 2006-05-24 21:37:21 UTC
I'm currently looking this as I'm getting the updated source code from the svn 
repository. A patch and a new release will follow shortly.

Comment 5 Hugo Cisneiros 2006-06-14 13:18:46 UTC
Package fixed. Closing. Thanks!


Note You need to log in before you can comment on or make changes to this bug.