
Bug 260956 (CVE-2006-6226)

Summary: dev-games/neoengine Multiple vulnerabilities (CVE-2006-{6226,6227})
Product: Gentoo Security
Reporter: Robert Buchholz (RETIRED) <rbu>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: trivial
CC: games, treecleaner
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://aluigi.altervista.org/adv/neoenginex-adv.txt
Whiteboard: ~1 [pmasked]
Package list:
Runtime testing required: ---

Description Robert Buchholz (RETIRED) gentoo-dev 2009-03-02 16:06:30 UTC
CVE-2006-6226 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6226):
  Multiple format string vulnerabilities in NeoEngine 0.8.2 and
  earlier, and CVS 3422, allow remote attackers to cause a denial of
  service and possibly execute arbitrary code via (1) Console::Render
  in neoengine/console.cpp and (2) TextArea::Render in
  neowtk/textarea.cpp.

CVE-2006-6227 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6227):
  The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and
  earlier, and CVS 3422, allow remote attackers to cause a denial of
  service (engine crash) via a message with a large uiMessageLength
  that produces a failed memory allocation and a null pointer
  dereference.
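
Added example, not part of the bug report and not NeoEngine code: a length-prefixed receive path that avoids the CVE-2006-6227 failure mode described above by bounding the peer-supplied uiMessageLength before allocating and by checking the allocation result. The 4-byte big-endian header, the 64 KiB cap and every name other than uiMessageLength are assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <memory>
#include <new>
#include <utility>

// Assumed cap on one message payload; not a NeoEngine constant.
constexpr std::uint32_t kMaxMessageLength = 64 * 1024;
enum class RecvStatus { Ok, Truncated, TooLarge, OutOfMemory };

struct Message {
    std::unique_ptr<std::uint8_t[]> data;
    std::uint32_t length = 0;
};

// Parses one frame from buf: an assumed 4-byte big-endian length
// (standing in for uiMessageLength) followed by that many payload bytes.
RecvStatus parse_message(const std::uint8_t* buf, std::size_t avail, Message& out) {
    if (avail < 4) return RecvStatus::Truncated;
    std::uint32_t uiMessageLength = (std::uint32_t(buf[0]) << 24) |
                                    (std::uint32_t(buf[1]) << 16) |
                                    (std::uint32_t(buf[2]) << 8) |
                                    std::uint32_t(buf[3]);
    // The peer controls this value, so bound it before allocating.
    if (uiMessageLength > kMaxMessageLength) return RecvStatus::TooLarge;
    // The payload must actually be present in the received bytes.
    if (uiMessageLength > avail - 4) return RecvStatus::Truncated;
    // nothrow new returns nullptr on failure; check it instead of
    // dereferencing the result unconditionally.
    std::unique_ptr<std::uint8_t[]> p(new (std::nothrow) std::uint8_t[uiMessageLength]);
    if (!p) return RecvStatus::OutOfMemory;
    if (uiMessageLength != 0) std::memcpy(p.get(), buf + 4, uiMessageLength);
    out.data = std::move(p);
    out.length = uiMessageLength;
    return RecvStatus::Ok;
}

int main() {
    // Constructed frames: a valid 3-byte message and a header claiming 0xFFFFFFFF bytes.
    const std::uint8_t ok[] = {0, 0, 0, 3, 'a', 'b', 'c'};
    const std::uint8_t big[] = {0xFF, 0xFF, 0xFF, 0xFF};
    Message m;
    bool pass = parse_message(ok, sizeof ok, m) == RecvStatus::Ok &&
                parse_message(big, sizeof big, m) == RecvStatus::TooLarge;
    return pass ? 0 : 1;
}
```
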
Comment 1 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-03 02:36:33 UTC
There appears to be no fix for this. Only rdep is neotools. I'm fine with p.mask or removal. @games: thoughts?
Comment 2 Mr. Bones. (RETIRED) gentoo-dev 2013-09-03 03:54:54 UTC
It looks dead. Go ahead and punt them both.
Comment 3 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-03 04:06:17 UTC
# Chris Reffett <creffett@gentoo.org> (03 Sep 2012)
# Dead upstream, outstanding security bug #260956.
# Masked for removal in 30 days.
dev-games/neoengine
dev-games/neotools
Comment 4 Chris Reffett (RETIRED) gentoo-dev Security 2013-10-03 04:41:23 UTC
Punted from tree.