Bug 141121

Summary: bzflag remote dos
Product: [openSUSE] SUSE Linux 10.1
Reporter: Marcus Meissner <meissner>
Component: Network
Assignee: Hendrik Vogelsang <hvogel>
Status: RESOLVED FIXED
QA Contact: E-mail List <qa-bugs>
Severity: Normal
Priority: P5 - None
CC: security-team
Version: Alpha 4
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard: CVE-2005-4584: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments: proposed patch

Description Marcus Meissner 2005-12-30 08:55:47 UTC
CVE-2005-4584

BZFlag server 2.0.4 and earlier allows remote attackers to cause a
denial of service (application crash) via a callsign that is not
followed by a NULL (\0) character.


(not sure we want to update this for older distros)
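
A defensive way to read such a field, as an added example: this is not BZFlag's code and not the attached patch, which this page does not show. It assumes a hypothetical fixed-width callsign field of `CALLSIGN_LEN` bytes; `read_callsign`, the error codes and the sample buffers are names made up for the illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

#define CALLSIGN_LEN 32  /* assumed field width, not taken from the bug report */

enum { CS_TRUNCATED = -1, CS_UNTERMINATED = -2 };

/* Extract the callsign field at offset `off` of a received packet.
 * Returns the callsign length (>= 0) or a negative error code. */
int read_callsign(const unsigned char *pkt, size_t pkt_len, size_t off,
                  char out[CALLSIGN_LEN])
{
    const unsigned char *field, *nul;
    size_t n;

    /* The whole field must lie inside the bytes actually received. */
    if (off > pkt_len || pkt_len - off < CALLSIGN_LEN)
        return CS_TRUNCATED;
    field = pkt + off;

    /* Look for the terminator inside the field only; never strlen() it. */
    nul = memchr(field, '\0', CALLSIGN_LEN);
    if (nul == NULL)
        return CS_UNTERMINATED;  /* reject instead of reading past the field */

    n = (size_t)(nul - field);
    memcpy(out, field, n);
    out[n] = '\0';
    return (int)n;
}

/* Constructed sample packets (not captured traffic). */
unsigned char sample_ok[CALLSIGN_LEN] = "player1";
unsigned char sample_unterminated[CALLSIGN_LEN];
char sample_out[CALLSIGN_LEN];

void init_samples(void) { memset(sample_unterminated, 'A', CALLSIGN_LEN); }

int main(void)
{
    init_samples();
    printf("%d\n", read_callsign(sample_ok, sizeof sample_ok, 0, sample_out));
    printf("%d\n", read_callsign(sample_unterminated, CALLSIGN_LEN, 0, sample_out));
    printf("%d\n", read_callsign(sample_ok, 8, 0, sample_out));
    return 0;
}
```
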

Comment 1 Ludwig Nussel 2006-01-02 09:43:55 UTC
It's just a game and just a DoS. I vote for STABLE only.

Comment 2 Hendrik Vogelsang 2006-02-01 13:17:34 UTC
I'll have a look

Comment 3 Hendrik Vogelsang 2006-02-01 17:48:45 UTC
Created attachment 66061
proposed patch

Comment 4 Marcus Meissner 2006-02-02 17:03:05 UTC
Patch looks fine to me.

Comment 5 Hendrik Vogelsang 2006-02-06 11:18:30 UTC
submitted

Comment 6 Thomas Biege 2009-10-13 20:46:11 UTC
CVE-2005-4584: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)