Bug 405661 (CVE-2007-5742) - CVE-2007-5742, CVE-2007-6201 wesnoth: multiple vulnerabilities
Summary: CVE-2007-5742, CVE-2007-6201 wesnoth: multiple vulnerabilities
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2007-5742
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Brian Pepple
QA Contact:
URL: http://nvd.nist.gov/nvd.cfm?cvename=C...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-11-30 09:30 UTC by Tomas Hoger
Modified: 2019-09-29 12:22 UTC (History)
2 users (show)

Fixed In Version: 1.2.8-2.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-12-03 11:40:21 UTC
Embargoed:

Attachments (Terms of Use)

Description Tomas Hoger 2007-11-30 09:30:12 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5742 to the following vulnerability:

Versions prior to 1.2.8 and development branches prior to 1.3.12 are affected
by a security vulneratiliby which allows attackers to view the content of files
on the remote computer running Wesnoth.

References:
http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
http://secunia.com/advisories/27786/
Comment 1 Tomas Hoger 2007-11-30 09:33:29 UTC 
Brian, I've noticed new builds of 1.2.8 in Koji, which either failed or were
canceled.  Please consider mentioning CVE id in the RPM changelog.  Thanks!
Comment 2 Brian Pepple 2007-11-30 14:54:13 UTC 
(In reply to comment #1)
> Brian, I've noticed new builds of 1.2.8 in Koji, which either failed or were
> canceled.  Please consider mentioning CVE id in the RPM changelog.  Thanks!

Yeah, the build is failing due to PulseAudio.  Once I figure out how to fix it,
I'll mention the CVE id in the changelog.
Comment 3 Ville Skyttä 2007-12-01 12:36:17 UTC 
1.2.8 apparently fixes CVE-2007-6201 too.
Comment 4 Robert Buchholz 2007-12-02 13:06:02 UTC 
See https://bugs.gentoo.org/200789 for more details on impact and exploitability.
Comment 5 Tomas Hoger 2007-12-03 11:15:47 UTC 
(In reply to comment #3)
> 1.2.8 apparently fixes CVE-2007-6201 too.

Right, two CVE ids were assigned for wesnoth vulnerabilities:

CVE-2007-5742:

Directory traversal vulnerability in the WML engine preprocessor for
Wesnoth before 1.2.8 allows remote attackers to read arbitrary files
via ".." sequences in unknown vectors.

References:
http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
http://sourceforge.net/project/shownotes.php?release_id=557098
http://secunia.com/advisories/27786
http://www.frsirt.com/english/advisories/2007/4026
http://xforce.iss.net/xforce/xfdb/38752
http://www.securityfocus.com/bid/26626


CVE-2007-6201:

Unspecified vulnerability in Wesnoth before 1.2.8 allows attackers to
cause a denial of service (hang) via a "faulty add-on" and possibly
execute other commands via unknown vectors related to the turn_cmd
option.

References:
http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
http://sourceforge.net/project/shownotes.php?release_id=557098
http://secunia.com/advisories/27786
http://www.frsirt.com/english/advisories/2007/4026
http://xforce.iss.net/xforce/xfdb/38751
Comment 6 Tomas Hoger 2007-12-03 11:26:10 UTC 
(In reply to comment #4)
> See https://bugs.gentoo.org/200789 for more details on impact and
> exploitability.

Thanks Robert!  Based on more information from Gentoo bug, this should probably
be low.
Comment 7 Fedora Update System 2007-12-03 11:39:59 UTC 
wesnoth-1.2.8-2.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2007-12-03 11:40:20 UTC 
wesnoth-1.2.8-2.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.