[Pkg-games-ubuntu] [Bug 970819] Re: multiple security vulnerabilities
Marc Deslauriers
marc.deslauriers at canonical.com
Fri Apr 6 17:05:59 UTC 2012
** Changed in: tremulous (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of
Debian/Ubuntu Games Team, which is subscribed to tremulous in Ubuntu.
https://bugs.launchpad.net/bugs/970819
Title:
multiple security vulnerabilities
Status in “tremulous” package in Ubuntu:
Confirmed
Bug description:
Please consider syncing tremulous/1.1.0-8 from Debian unstable into
all supported Ubuntu versions. It fixes:
- CVE-2006-2082: arbitrary file download from server by a malicious client
(Closes: #660831)
- CVE-2006-2236 ("the remapShader exploit"): missing bounds-checking on
COM_StripExtension, exploitable in clients of a malicious server
(Closes: #660827)
- CVE-2006-2875 ("q3cbof"): buffer overflow in CL_ParseDownload by a
malicious server (Closes: #660830)
- CVE-2006-3324: arbitrary file overwriting in clients of a malicious
server (Closes: #660832)
- CVE-2006-3325: arbitrary cvar overwriting (could lead to arbitrary
code execution) in clients of a malicious server (Closes: #660834)
- CVE-2011-3012, CVE-2011-2764: DLL overwriting (leading to arbitrary
code execution) in clients of a malicious server if auto-downloading
is enabled (Closes: #660836)
- a potential buffer overflow in error handling (not known to be
exploitable, but it can't hurt)
- non-literal format strings (again, none are known to be exploitable)
- CVE-2010-5077, use of Tremulous servers by third parties to perform
reflected DoS attacks
It also disables auto-downloading to mitigate any future security
vulnerabilities.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tremulous/+bug/970819/+subscriptions
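Added illustration, not part of this bug report and not code from the Tremulous or ioquake3 source: the CVE-2006-2236 item above describes a fixed-size string helper (COM_StripExtension) that copies a server-supplied name without knowing the size of its destination. The two functions below are written for this example to show that shape and the usual fix of threading the destination size through; their names, the helper functions around them and the sample paths are assumptions, and the "unbounded" version is kept only for comparison (it is never run against a small buffer here, since that would be undefined behaviour).

```c
#include <stdio.h>
#include <string.h>

/* Added example, not Tremulous/ioquake3 code.  Shape of an unbounded
 * "strip the extension" helper: it copies until '.' or NUL and never
 * consults the size of `out`, so an over-long, extension-less name sent
 * by a remote server runs past the end of the caller's buffer. */
static void strip_extension_unbounded(const char *in, char *out)
{
    while (*in && *in != '.')
        *out++ = *in++;
    *out = '\0';
}

/* Hardened form (assumed shape of the fix): the destination size is
 * passed in and the copy stops one byte early so the NUL always fits. */
static void strip_extension_bounded(const char *in, char *out, size_t destsize)
{
    size_t n = 0;

    if (destsize == 0)
        return;
    while (*in && *in != '.' && n + 1 < destsize)
        out[n++] = *in++;
    out[n] = '\0';
}

/* Bytes the unbounded helper writes for `in`, NUL included.  The count is
 * entirely input-controlled, which is the whole problem.  A large scratch
 * buffer keeps this demonstration itself in bounds. */
size_t unbounded_bytes_written(const char *in)
{
    char scratch[256];

    if (strlen(in) >= sizeof scratch)
        return (size_t)-1;      /* constructed input too long for this demo */
    strip_extension_unbounded(in, scratch);
    return strlen(scratch) + 1;
}

/* Runs the bounded helper into the first `destsize` bytes of a 64-byte
 * region pre-filled with 'C', then reports whether the result equals
 * `expected` and every byte at or past `destsize` is still 'C'. */
int bounded_strip_matches(const char *in, size_t destsize, const char *expected)
{
    char buf[64];
    size_t i;

    if (destsize == 0 || destsize > sizeof buf)
        return 0;
    memset(buf, 'C', sizeof buf);
    strip_extension_bounded(in, buf, destsize);
    for (i = destsize; i < sizeof buf; i++)
        if (buf[i] != 'C')
            return 0;           /* wrote past the limit it was given */
    return strlen(buf) < destsize && strcmp(buf, expected) == 0;
}

int main(void)
{
    /* Constructed inputs: an ordinary map path and a 40-byte name with
     * no extension, the kind a malicious server could hand a client. */
    const char *normal = "maps/atcs.bsp";
    const char *hostile = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
    char out[16];

    printf("unbounded helper writes %zu bytes for the hostile name\n",
           unbounded_bytes_written(hostile));
    strip_extension_bounded(normal, out, sizeof out);
    printf("bounded: '%s'\n", out);
    strip_extension_bounded(hostile, out, sizeof out);
    printf("bounded, truncated: '%s' (%zu chars)\n", out, strlen(out));
    return 0;
}
```

The point of the bounded version is not the truncation itself but that the caller's buffer size becomes part of the interface: a 40-byte name into a 16-byte buffer yields a 15-character string plus NUL instead of 25 bytes of overrun.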