MantisBT - Doomseeker |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0003665 | Doomseeker | [All Projects] Documentation | public | 2019-06-21 21:11 | 2020-01-30 12:58 |
|
| Reporter | WubTheCaptain | |
| Assigned To | | |
| Priority | high | Severity | feature | Reproducibility | N/A |
| Status | closed | Resolution | fixed | |
| Platform | | OS | | OS Version | |
| Product Version | 1.1 | |
| Target Version | 1.3 | Fixed in Version | 1.3.1 | |
|
| Summary | 0003665: Missing CVE Identifier for issue /tracker/view.php?id=3660 (remote denial of service in SRB2 engine plugin) |
| Description | Pertaining to Doomseeker 1.3 changelogs, I'd like to include a CVE Identifier to refer to the remote denial of service bug in SRB2 engine. I haven't requested one, but intend to do so. |
| Steps To Reproduce | See relationships of this issue. |
| Additional Information | A vulnerability was found in Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive), distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowing a remote attacker to cause a potential crash / denial of service in Doomseeker.
The issue has been remediated in Doomseeker 1.3 release with source code patches to the SRB2 plugin (EP_Version 12).
References:
- https://bitbucket.org/Doomseeker/doomseeker/commits/b9a90f1f56e704c5cbeefe83da2f9ce939920278
- https://bitbucket.org/Doomseeker/doomseeker/commits/ae456aac888cb794ea3292f7f99cb87d6b22a555
- https://bitbucket.org/Doomseeker/doomseeker/pull-requests/74/more-openbsd-issues-3654-the-srb2-thingy/diff
- https://zandronum.com/tracker/view.php?id=3660
|
| Tags | No tags attached. |
| Relationships | | child of | 0003660 | closed | Pol M | SRB2 plugin: Mangled memory values (runtime crashes) |
|
| Attached Files |  CVE Request 712592 for CVE ID Request.eml (8,454) 2019-06-21 22:21
https://zandronum.com/tracker/file_download.php?file_id=2490&type=bug |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2019-06-21 21:11 | WubTheCaptain | New Issue | |
| 2019-06-21 21:11 | WubTheCaptain | Status | new => assigned |
| 2019-06-21 21:11 | WubTheCaptain | Assigned To | => WubTheCaptain |
| 2019-06-21 21:11 | WubTheCaptain | Relationship added | child of 0003660 |
| 2019-06-21 21:24 | WubTheCaptain | Note Added: 0020796 | |
| 2019-06-21 21:51 | WubTheCaptain | Additional Information Updated | bug_revision_view_page.php?rev_id=12661#r12661 |
| 2019-06-21 21:52 | WubTheCaptain | Additional Information Updated | bug_revision_view_page.php?rev_id=12662#r12662 |
| 2019-06-21 21:54 | WubTheCaptain | Additional Information Updated | bug_revision_view_page.php?rev_id=12663#r12663 |
| 2019-06-21 21:55 | WubTheCaptain | Steps to Reproduce Updated | bug_revision_view_page.php?rev_id=12665#r12665 |
| 2019-06-21 21:55 | WubTheCaptain | Additional Information Updated | bug_revision_view_page.php?rev_id=12666#r12666 |
| 2019-06-21 22:19 | WubTheCaptain | Note Added: 0020797 | |
| 2019-06-21 22:19 | WubTheCaptain | Status | assigned => needs review |
| 2019-06-21 22:21 | WubTheCaptain | File Added: CVE Request 712592 for CVE ID Request.eml | |
| 2019-06-21 22:24 | WubTheCaptain | Additional Information Updated | bug_revision_view_page.php?rev_id=12667#r12667 |
| 2019-06-21 22:37 | WubTheCaptain | Product Version | 1.2 => 1.1 |
| 2019-06-22 06:36 | Filystea | Note Added: 0020798 | |
| 2019-06-22 10:28 | WubTheCaptain | Note Deleted: 0020798 | |
| 2019-06-22 11:29 | WubTheCaptain | Additional Information Updated | bug_revision_view_page.php?rev_id=12672#r12672 |
| 2019-06-23 02:49 | WubTheCaptain | Note Added: 0020811 | |
| 2019-06-24 22:15 | WubTheCaptain | Note Added: 0020830 | |
| 2019-06-28 17:47 | WubTheCaptain | Note Added: 0020844 | |
| 2019-06-28 17:47 | WubTheCaptain | Assigned To | WubTheCaptain => |
| 2019-06-28 17:47 | WubTheCaptain | Status | needs review => needs testing |
| 2019-06-28 17:47 | WubTheCaptain | Note Edited: 0020844 | bug_revision_view_page.php?bugnote_id=20844#r12701 |
| 2019-06-28 20:45 | Filystea | Note Added: 0020845 | |
| 2019-06-30 05:46 | Zalewa | Status | needs testing => resolved |
| 2019-06-30 05:46 | Zalewa | Fixed in Version | => 1.3 |
| 2019-06-30 05:46 | Zalewa | Resolution | open => fixed |
| 2019-06-30 05:46 | Zalewa | Assigned To | => Zalewa |
| 2019-06-30 05:49 | Zalewa | Note Deleted: 0020845 | |
| 2019-07-28 01:52 | WubTheCaptain | Note Added: 0020925 | |
| 2019-07-28 01:52 | WubTheCaptain | Status | resolved => new |
| 2019-07-28 01:52 | WubTheCaptain | Resolution | fixed => reopened |
| 2019-07-28 01:52 | WubTheCaptain | Fixed in Version | 1.3 => |
| 2019-07-28 01:52 | WubTheCaptain | Target Version | 1.3 => |
| 2019-07-28 17:19 | Pol M | Assigned To | Zalewa => Pol M |
| 2019-07-28 17:19 | Pol M | Status | new => assigned |
| 2019-07-28 17:34 | Pol M | Note Added: 0020927 | |
| 2019-07-28 17:34 | Pol M | Status | assigned => needs review |
| 2019-07-28 19:41 | Pol M | Note Edited: 0020927 | bug_revision_view_page.php?bugnote_id=20927#r12750 |
| 2019-07-28 19:42 | Pol M | Status | needs review => resolved |
| 2019-07-28 19:42 | Pol M | Fixed in Version | => 1.3 |
| 2019-07-28 19:42 | Pol M | Resolution | reopened => fixed |
| 2019-07-29 01:05 | WubTheCaptain | Note Added: 0020930 | |
| 2019-07-29 01:05 | WubTheCaptain | Assigned To | Pol M => |
| 2019-07-29 01:05 | WubTheCaptain | Resolution | fixed => suspended |
| 2019-07-29 01:05 | WubTheCaptain | Fixed in Version | 1.3 => |
| 2019-08-01 05:00 | WubTheCaptain | Target Version | => 1.3.3 |
| 2019-08-01 05:01 | WubTheCaptain | Resolution | suspended => fixed |
| 2019-08-01 05:01 | WubTheCaptain | Fixed in Version | => 1.3.3 |
| 2019-08-01 05:01 | WubTheCaptain | Target Version | 1.3.3 => 1.3 |
| 2020-01-27 20:35 | WubTheCaptain | Fixed in Version | 1.3.3 => 1.3.1 |
| 2020-01-30 12:58 | WubTheCaptain | Status | resolved => closed |
|
Notes |
|
|
|
As far as I know, the SRB2 engine was released with Doomseeker 1.1. The vulnerability was fixed with two commits: b9a90f1f56e704c5cbeefe83da2f9ce939920278 and ae456aac888cb794ea3292f7f99cb87d6b22a555's change to src/plugins/srb2/srb2masterclient.cpp.
If Zalewa has an intention to release a Doomseeker 1.3 beta channel update, I can reference that as a version number where the bug is first fixed (for affected versions). |
|
|
|
|
|
CVE ID requested, waiting. |
|
|
|
|
Quote from WubTheCaptain
CVE ID requested, waiting.
I am still waiting for a response, which may take until early next week (Monday-ish?). |
|
|
|
|
|
Nothing to report yet. I'll give it few more days. |
|
|
|
|
Use CVE-2019-12968.
(Someone acknowledge this issue by setting its status to resolved, thanks!)
|
|
|
|
|
Reopening.
This didn't make it to the changelogs of Doomseeker 1.3 stable release. What do? |
|
|
|
(0020927)
|
|
Pol M
|
2019-07-28 17:34
(edited on: 2019-07-28 19:41) |
|
|
|
|
|
|
suspending until we have a tag for new target version/fixed in version |
|