Bug 192990 - CVE-2005-2295 - netpanzer server remote DOS
CVE-2005-2295 - netpanzer server remote DOS
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: netpanzer (Show other bugs)
5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Hugo Cisneiros
Fedora Extras Quality Assurance
http://nvd.nist.gov/nvd.cfm?cvename=C...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-24 13:12 EDT by Jason Tibbitts
Modified: 2007-11-30 17:11 EST (History)
3 users (show)

See Also:
Fixed In Version: 0.8-4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-06-14 09:18:46 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jason Tibbitts 2006-05-24 13:12:29 EDT
(from the CVE):
NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service
(infinite loop) via a packet with a zero datablock size.

It seems this has been fixed in upstream SVN, but no release has been made and
unfortunately upstream webSVN seems not to be responding for me.
Comment 1 Hans de Goede 2006-05-24 13:29:32 EDT
Erm, Tibs isn't this a duplicate of 192983, I understand you want to have a bug
with the CVE in the summary now that there is a CVE, but you could have just
changed the summary of 192983. I'm inclined to close this as a dup of 192983,
but Ill leave that up to you or Hugo.

Hugo let me know if you need any assistence with this one.
Comment 2 Chris Ricker 2006-05-24 13:31:57 EDT
They're two different bugs
Comment 3 Jason Tibbitts 2006-05-24 13:50:09 EDT
Yes, this is an older issue that I noticed when searching the CVE database for
netpanzer isues.  It has a fix in SVN although I wasn't able to extract it; the
other bug has no fix that I know of.
Comment 4 Hugo Cisneiros 2006-05-24 17:37:21 EDT
I'm currently looking this as I'm getting the updated source code from the svn 
repository. A patch and a new release will follow shortly.
Comment 5 Hugo Cisneiros 2006-06-14 09:18:46 EDT
Package fixed. Closing. Thanks!

Note You need to log in before you can comment on or make changes to this bug.