6 results (0.009 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL. Freeciv versiones anteriores a 2.6.7 y anteriores a 3.0.3, es propenso a una vulnerabilidad de desbordamiento de búfer en el manejo de la URL del modpack por parte de la utilidad Modpack Installer • http://www.openwall.com/lists/oss-security/2022/08/31/1 https://bugs.debian.org/1017579 https://osdn.net/projects/freeciv/ticket/45299 https://www.openwall.com/lists/oss-security/2022/08/05/1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 1

Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet. Freeciv versiones anteriores a 2.3.3, permite a atacantes remotos causar una denegación de servicio por medio de un paquete diseñado. • https://www.exploit-db.com/exploits/34249 http://www.openwall.com/lists/oss-security/2012/12/31/2 https://freeciv.fandom.com/wiki/NEWS-2.3.3 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0

A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption. Se encontró un fallo de denegación de servicio en la manera en que el componente Freeciv del servidor versiones anteriores a la versión 2.3.4 procesaba ciertos paquetes. Un atacante remoto podría enviar un paquete especialmente diseñado que, cuando se procese, conllevaría al agotamiento de la memoria o el consumo excesivo de la CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095378.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095381.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096391.html http://www.openwall.com/lists/oss-security/2012/12/18/5 http://www.openwall.com/lists/oss-security/2012/12/22/4 http://www.openwall.com/lists/oss-security/2012/12/30/11 http://www.openwall.com/lists/oss-security/2012/12/30/8 http:&#x • CWE-400: Uncontrolled Resource Consumption •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions. freeciv versión 2.2 anterior a 2.2.1 y versión 2.3 anterior a 2.3.0, permite a los atacantes leer archivos arbitrarios o ejecutar comandos arbitrarios por medio de un argumento que contiene la funcionalidad Lua, relacionada con los módulos o funciones (1) os, (2) io, (3) package, (4 ) dofile, (5) loadfile, (6) loadlib, (7) module, y (8) require. • http://gna.org/bugs/?15624 http://packetstormsecurity.com/files/163311/Android-2.0-FreeCIV-Arbitrary-Code-Execution.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:205 http://www.openwall.com/lists/oss-security/2010/06/09/4 http://www.openwall.com/lists/oss-security/2010/06/24/5 http://www.osvdb.org/65192 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 2

Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c. Desbordamiento de búfer en Freeciv 2.1.0-beta1 y anteriores, y SVN 15 Jul 2006 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante (1) un valor chunk_length (longitud de pedazo) negativo o (2) un valor grande de chunk->offset (desplazamiento de pedazo) en un paquete PACKET_PLAYER_ATTRIBUTE_CHUNK para la función generic_handle_player_attribute_chunk de common/packets.c, y (3) un valor grande de packet->length (longitud de paquete) en la función handle_unit_orders de server/unithand.c. • http://aluigi.altervista.org/adv/freecivx-adv.txt http://secunia.com/advisories/21171 http://secunia.com/advisories/21254 http://secunia.com/advisories/21352 http://securityreason.com/securityalert/1296 http://www.debian.org/security/2006/dsa-1142 http://www.mandriva.com/security/advisories?name=MDKSA-2006:135 http://www.securityfocus.com/archive/1/441042/100/0/threaded http://www.securityfocus.com/bid/19117 http://www.vupen.com/english/advisories/2006/2942 https://exchange& •