Pioneers: Multiple Denials of Service
Gentoo Linux Security Advisory
GLSA 200711-20 / pioneers
November 14, 2007
November 29, 2007: 04
All supported architectures
Two Denial of Service vulnerabilities were discovered in Pioneers.
Pioneers (formerly gnocatan) is a clone of the popular board game "The
Settlers of Catan".
Roland Clobus discovered that the Pioneers server may free session
objects while they are still in use, resulting in access to invalid
memory zones (CVE-2007-5933). Bas Wijnen discovered an error when
closing connections which can lead to a failed assertion
A remote attacker could send specially crafted data to the vulnerable
server, resulting in a Denial of Service.
There is no known workaround at this time.
All Pioneers users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=games-board/pioneers-0.11.3-r1"