This host is running Freeciv and is prone to multiple denial of service vulnerabilities.

Successful exploitation will allow attackers to cause denial of service condition. Impact Level: Application

Update to version 2.2.2 or later, For updates refer to http://www.freeciv.org

- Malloc exception in 'jumbo' packet within the common/packet.c. Endless loop in packets PACKET_PLAYER_INFO, PACKET_GAME_INFO, PACKET_EDIT_PLAYER_CREATE, PACKET_EDIT_PLAYER_REMOVE, PACKET_EDIT_CITY and PACKET_EDIT_PLAYER use some particular functions that can be tricked into an endless loop that freezes the server with CPU at 100%.

Freeciv Version 2.2.1 and prior

• http://aluigi.altervista.org/adv/freecivet-adv.txt
• http://aluigi.org/poc/freecivet.zip

---

Updated on 2015-03-25