[gentoo-announce] [ GLSA 200702-10 ] UFO2000: Multiple vulnerabilities - gentoo-announce

From:	Raphael Marichez <falco@g.o>
To:	gentoo-announce@g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200702-10 ] UFO2000: Multiple vulnerabilities
Date:	Sun, 25 Feb 2007 16:35:23
Message-Id:	`20070225161143.GE23894@falco.falcal.net`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200702-10

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: UFO2000: Multiple vulnerabilities

9

      Date: February 25, 2007

10

      Bugs: #142392

11

        ID: 200702-10

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

Multiple vulnerabilities have been found in the network components of

19

UFO2000 that could result in the remote execution of arbitrary code.

20

21

Background

22

==========

23

24

UFO2000 is a multi-player, turn-based tactical simulation.

25

26

Affected packages

27

=================

28

29

    -------------------------------------------------------------------

30

     Package                 /  Vulnerable  /               Unaffected

31

    -------------------------------------------------------------------

32

  1  games-strategy/ufo2000     < 0.7.1062                 >= 0.7.1062

33

34

Description

35

===========

36

37

Five vulnerabilities were found: a buffer overflow in recv_add_unit();

38

a problem with improperly trusting user-supplied string information in

39

decode_stringmap(); several issues with array manipulation via various

40

commands during play; an SQL injection in server_protocol.cpp; and

41

finally, a second buffer overflow in recv_map_data().

42

43

Impact

44

======

45

46

An attacker could send crafted network traffic as part of a

47

multi-player game that could result in remote code execution on the

48

remote opponent or the server. A remote attacker could also run

49

arbitrary SQL queries against the server account database, and perform

50

a Denial of Service on a remote opponent by causing the game to crash.

51

52

Workaround

53

==========

54

55

There is no known workaround at this time.

56

57

Resolution

58

==========

59

60

UFO2000 currently depends on the dumb-0.9.2 library, which has been

61

removed from portage due to security problems (GLSA 200608-14) .

62

Because of this, UFO2000 has been masked, and we recommend unmerging

63

the package until the next beta release can remove the dependency on

64

dumb.

65

66

    # emerge --ask --verbose --unmerge ufo2000

67

68

References

69

==========

70

71

  [ 1 ] CVE-2006-3788

72

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3788

73

  [ 2 ] CVE-2006-3789

74

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3789

75

  [ 3 ] CVE-2006-3790

76

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3790

77

  [ 4 ] CVE-2006-3791

78

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3791

79

  [ 5 ] CVE-2006-3792

80

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3792

81

  [ 6 ] GLSA 200608-14

82

        http://www.gentoo.org/security/en/glsa/glsa-200608-14.xml

83

84

Availability

85

============

86

87

This GLSA and any updates to it are available for viewing at

88

the Gentoo Security Website:

89

90

  http://security.gentoo.org/glsa/glsa-200702-10.xml

91

92

Concerns?

93

=========

94

95

Security is a primary focus of Gentoo Linux and ensuring the

96

confidentiality and security of our users machines is of utmost

97

importance to us. Any security concerns should be addressed to

98

security@g.o or alternatively, you may file a bug at

99

http://bugs.gentoo.org.

100

101

License

102

=======

103

104

Copyright 2007 Gentoo Foundation, Inc; referenced text

105

belongs to its owner(s).

106

107

The contents of this document are licensed under the

108

Creative Commons - Attribution / Share Alike license.

109

110

http://creativecommons.org/licenses/by-sa/2.5

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200702-10
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: UFO2000: Multiple vulnerabilities
9	Date: February 25, 2007
10	Bugs: #142392
11	ID: 200702-10
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	Multiple vulnerabilities have been found in the network components of
19	UFO2000 that could result in the remote execution of arbitrary code.
20
21	Background
22	==========
23
24	UFO2000 is a multi-player, turn-based tactical simulation.
25
26	Affected packages
27	=================
28
29	-------------------------------------------------------------------
30	Package / Vulnerable / Unaffected
31	-------------------------------------------------------------------
32	1 games-strategy/ufo2000 < 0.7.1062 >= 0.7.1062
33
34	Description
35	===========
36
37	Five vulnerabilities were found: a buffer overflow in recv_add_unit();
38	a problem with improperly trusting user-supplied string information in
39	decode_stringmap(); several issues with array manipulation via various
40	commands during play; an SQL injection in server_protocol.cpp; and
41	finally, a second buffer overflow in recv_map_data().
42
43	Impact
44	======
45
46	An attacker could send crafted network traffic as part of a
47	multi-player game that could result in remote code execution on the
48	remote opponent or the server. A remote attacker could also run
49	arbitrary SQL queries against the server account database, and perform
50	a Denial of Service on a remote opponent by causing the game to crash.
51
52	Workaround
53	==========
54
55	There is no known workaround at this time.
56
57	Resolution
58	==========
59
60	UFO2000 currently depends on the dumb-0.9.2 library, which has been
61	removed from portage due to security problems (GLSA 200608-14) .
62	Because of this, UFO2000 has been masked, and we recommend unmerging
63	the package until the next beta release can remove the dependency on
64	dumb.
65
66	# emerge --ask --verbose --unmerge ufo2000
67
68	References
69	==========
70
71	[ 1 ] CVE-2006-3788
72	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3788
73	[ 2 ] CVE-2006-3789
74	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3789
75	[ 3 ] CVE-2006-3790
76	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3790
77	[ 4 ] CVE-2006-3791
78	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3791
79	[ 5 ] CVE-2006-3792
80	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3792
81	[ 6 ] GLSA 200608-14
82	http://www.gentoo.org/security/en/glsa/glsa-200608-14.xml
83
84	Availability
85	============
86
87	This GLSA and any updates to it are available for viewing at
88	the Gentoo Security Website:
89
90	http://security.gentoo.org/glsa/glsa-200702-10.xml
91
92	Concerns?
93	=========
94
95	Security is a primary focus of Gentoo Linux and ensuring the
96	confidentiality and security of our users machines is of utmost
97	importance to us. Any security concerns should be addressed to
98	security@g.o or alternatively, you may file a bug at
99	http://bugs.gentoo.org.
100
101	License
102	=======
103
104	Copyright 2007 Gentoo Foundation, Inc; referenced text
105	belongs to its owner(s).
106
107	The contents of this document are licensed under the
108	Creative Commons - Attribution / Share Alike license.
109
110	http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce