CVE-2005-2764 (vulnerable 0.1.0 - fixed 0.4.5)

Short description: Multiple buffer overflows

Official CVE-2005-2764 entry at cve.mitre.org.

Related bug reports:

  • There are no related bugs.

Related commits:

Patches: (sometimes more fuzz is needed to apply them)

Multiple format string vulnerabilities that allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Attached are patches for some vulnerable versions. Versions before 0.3.5 had no (good) functioning network play. Making patches for those versions is quite easy, as it is a matter of replacing "vsprintf(a" with "vsnprintf(a, sizeof(a)".

Note: this is a partial backport of trunk r2899.
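
The "vsprintf(a" to "vsnprintf(a, sizeof(a)" replacement described above, shown as a before/after pair. This is an added example, not code from the project's source or its patches; the buffer last_msg, its size MSG_LEN, the function names and the message format are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define MSG_LEN 32             /* constructed buffer size */
static char last_msg[MSG_LEN]; /* stands in for the array "a" in the text */

/* Before: vsprintf() takes no length, so an expansion longer than
 * MSG_LEN - 1 bytes writes past the end of last_msg. Comparison only. */
int msg_unbounded(const char *fmt, ...)
{
    va_list va;
    va_start(va, fmt);
    int n = vsprintf(last_msg, fmt, va);
    va_end(va);
    return n;
}

/* After: the replacement named in the text. sizeof(last_msg) is the buffer
 * size only because last_msg is an array; on a char * parameter it would be
 * the pointer size, so such call sites need the length passed in instead. */
int msg_bounded(const char *fmt, ...)
{
    va_list va;
    va_start(va, fmt);
    int n = vsnprintf(last_msg, sizeof(last_msg), fmt, va);
    va_end(va);
    return n; /* C99: length the untruncated string would have had */
}

/* vsnprintf() truncates silently; the return value is the only signal. */
int was_truncated(int n)
{
    return n < 0 || (size_t)n >= sizeof(last_msg);
}

int main(void)
{
    char name[100]; /* constructed oversized input */
    memset(name, 'A', sizeof(name) - 1);
    name[sizeof(name) - 1] = '\0';

    int n = msg_bounded("player %s joined", name);
    printf("stored %zu of %d bytes, truncated=%d\n",
           strlen(last_msg), n, was_truncated(n));
    return 0;
}
```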