Bug 405661 - (CVE-2007-5742) CVE-2007-5742, CVE-2007-6201 wesnoth: multiple vulnerabilities
CVE-2007-5742, CVE-2007-6201 wesnoth: multiple vulnerabilities
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Brian Pepple
http://nvd.nist.gov/nvd.cfm?cvename=C...
source=debian,reported=20071130,publi...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-11-30 04:30 EST by Tomas Hoger
Modified: 2007-12-03 06:40 EST (History)
2 users (show)

See Also:
Fixed In Version: 1.2.8-2.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-12-03 06:40:21 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2007-11-30 04:30:12 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5742 to the following vulnerability:

Versions prior to 1.2.8 and development branches prior to 1.3.12 are affected
by a security vulneratiliby which allows attackers to view the content of files
on the remote computer running Wesnoth.

References:
http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
http://secunia.com/advisories/27786/
Comment 1 Tomas Hoger 2007-11-30 04:33:29 EST
Brian, I've noticed new builds of 1.2.8 in Koji, which either failed or were
canceled.  Please consider mentioning CVE id in the RPM changelog.  Thanks!
Comment 2 Brian Pepple 2007-11-30 09:54:13 EST
(In reply to comment #1)
> Brian, I've noticed new builds of 1.2.8 in Koji, which either failed or were
> canceled.  Please consider mentioning CVE id in the RPM changelog.  Thanks!

Yeah, the build is failing due to PulseAudio.  Once I figure out how to fix it,
I'll mention the CVE id in the changelog.
Comment 3 Ville Skyttä 2007-12-01 07:36:17 EST
1.2.8 apparently fixes CVE-2007-6201 too.
Comment 4 Robert Buchholz 2007-12-02 08:06:02 EST
See https://bugs.gentoo.org/200789 for more details on impact and exploitability.
Comment 5 Tomas Hoger 2007-12-03 06:15:47 EST
(In reply to comment #3)
> 1.2.8 apparently fixes CVE-2007-6201 too.

Right, two CVE ids were assigned for wesnoth vulnerabilities:

CVE-2007-5742:

Directory traversal vulnerability in the WML engine preprocessor for
Wesnoth before 1.2.8 allows remote attackers to read arbitrary files
via ".." sequences in unknown vectors.

References:
http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
http://sourceforge.net/project/shownotes.php?release_id=557098
http://secunia.com/advisories/27786
http://www.frsirt.com/english/advisories/2007/4026
http://xforce.iss.net/xforce/xfdb/38752
http://www.securityfocus.com/bid/26626


CVE-2007-6201:

Unspecified vulnerability in Wesnoth before 1.2.8 allows attackers to
cause a denial of service (hang) via a "faulty add-on" and possibly
execute other commands via unknown vectors related to the turn_cmd
option.

References:
http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
http://sourceforge.net/project/shownotes.php?release_id=557098
http://secunia.com/advisories/27786
http://www.frsirt.com/english/advisories/2007/4026
http://xforce.iss.net/xforce/xfdb/38751
Comment 6 Tomas Hoger 2007-12-03 06:26:10 EST
(In reply to comment #4)
> See https://bugs.gentoo.org/200789 for more details on impact and
> exploitability.

Thanks Robert!  Based on more information from Gentoo bug, this should probably
be low.

Comment 7 Fedora Update System 2007-12-03 06:39:59 EST
wesnoth-1.2.8-2.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2007-12-03 06:40:20 EST
wesnoth-1.2.8-2.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.