Search criteria
40 vulnerabilities found for openttd by openttd
CVE-2012-0049 (GCVE-0-2012-0049)
Vulnerability from nvd – Published: 2019-11-07 17:13 – Updated: 2024-08-06 18:09
VLAI?
Summary
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
Severity ?
No CVSS data available.
CWE
- Other
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openttd",
"vendor": "openttd",
"versions": [
{
"status": "affected",
"version": "1.1.5"
}
]
}
],
"datePublic": "2012-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T17:13:26",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0049",
"datePublished": "2019-11-07T17:13:26",
"dateReserved": "2011-12-07T00:00:00",
"dateUpdated": "2024-08-06T18:09:17.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6411 (GCVE-0-2013-6411)
Vulnerability from nvd – Published: 2013-12-14 17:00 – Updated: 2024-08-06 17:39
VLAI?
Summary
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55589"
},
{
"name": "http://vcs.openttd.org/svn/changeset/26134",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"name": "https://security.openttd.org/en/CVE-2013-6411",
"refsource": "CONFIRM",
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"name": "http://bugs.openttd.org/task/5820",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/5820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6411",
"datePublished": "2013-12-14T17:00:00",
"dateReserved": "2013-11-04T00:00:00",
"dateUpdated": "2024-08-06T17:39:01.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3436 (GCVE-0-2012-3436)
Vulnerability from nvd – Published: 2012-10-09 18:00 – Updated: 2024-08-06 20:05
VLAI?
Summary
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to \"the water/coast aspect of tiles which also have railtracks on one half.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3436",
"datePublished": "2012-10-09T18:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0048 (GCVE-0-2012-0048)
Vulnerability from nvd – Published: 2012-08-25 10:00 – Updated: 2024-09-16 20:27
VLAI?
Summary
OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T10:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"name": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303",
"refsource": "MISC",
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"name": "http://bugs.openttd.org/task/4955",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/4955"
},
{
"name": "http://security.openttd.org/en/CVE-2012-0049",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50137"
},
{
"name": "http://vcs.openttd.org/svn/changeset/23764",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0048",
"datePublished": "2012-08-25T10:00:00Z",
"dateReserved": "2011-12-07T00:00:00Z",
"dateUpdated": "2024-09-16T20:27:57.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3343 (GCVE-0-2011-3343)
Vulnerability from nvd – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3343",
"datePublished": "2011-09-08T18:00:00",
"dateReserved": "2011-08-30T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3342 (GCVE-0-2011-3342)
Vulnerability from nvd – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3342",
"datePublished": "2011-09-08T18:00:00",
"dateReserved": "2011-08-30T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3341 (GCVE-0-2011-3341)
Vulnerability from nvd – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3341",
"datePublished": "2011-09-08T18:00:00",
"dateReserved": "2011-08-30T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4168 (GCVE-0-2010-4168)
Vulnerability from nvd – Published: 2010-11-17 15:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-18T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4168",
"datePublished": "2010-11-17T15:00:00",
"dateReserved": "2010-11-04T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2534 (GCVE-0-2010-2534)
Vulnerability from nvd – Published: 2010-07-27 22:00 – Updated: 2024-08-07 02:39
VLAI?
Summary
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2534",
"datePublished": "2010-07-27T22:00:00",
"dateReserved": "2010-06-30T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0406 (GCVE-0-2010-0406)
Vulnerability from nvd – Published: 2010-05-04 18:00 – Updated: 2024-09-16 18:34
VLAI?
Summary
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3785",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3785"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0406",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0406",
"datePublished": "2010-05-04T18:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-09-16T18:34:55.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0402 (GCVE-0-2010-0402)
Vulnerability from nvd – Published: 2010-05-04 18:00 – Updated: 2024-09-16 20:12
VLAI?
Summary
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0402",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0402",
"datePublished": "2010-05-04T18:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-09-16T20:12:54.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0401 (GCVE-0-2010-0401)
Vulnerability from nvd – Published: 2010-05-04 18:00 – Updated: 2024-09-16 17:48
VLAI?
Summary
OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.openttd.org/en/CVE-2010-0401",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3754",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3754"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0401",
"datePublished": "2010-05-04T18:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-09-16T17:48:46.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4007 (GCVE-0-2009-4007)
Vulnerability from nvd – Published: 2009-12-28 19:00 – Updated: 2024-08-07 06:45
VLAI?
Summary
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-12-31T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37487"
},
{
"name": "http://binaries.openttd.org/releases/0.7.5/changelog.txt",
"refsource": "CONFIRM",
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"refsource": "OSVDB",
"url": "http://osvdb.org/61356"
},
{
"name": "http://www.openttd.org/en/news/112",
"refsource": "CONFIRM",
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4007",
"datePublished": "2009-12-28T19:00:00",
"dateReserved": "2009-11-19T00:00:00",
"dateUpdated": "2024-08-07T06:45:50.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3547 (GCVE-0-2008-3547)
Vulnerability from nvd – Published: 2009-03-10 21:00 – Updated: 2024-08-07 09:45
VLAI?
Summary
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/493714"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/493714"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "MISC",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "http://bugs.debian.org/493714",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/493714"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3547",
"datePublished": "2009-03-10T21:00:00",
"dateReserved": "2008-08-07T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3577 (GCVE-0-2008-3577)
Vulnerability from nvd – Published: 2008-08-10 21:00 – Updated: 2024-08-07 09:45
VLAI?
Summary
Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-ttdmain-bo(44436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44436"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the \"-g\" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-ttdmain-bo(44436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44436"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the \"-g\" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-ttdmain-bo(44436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44436"
},
{
"name": "30525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3577",
"datePublished": "2008-08-10T21:00:00",
"dateReserved": "2008-08-10T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3576 (GCVE-0-2008-3576)
Vulnerability from nvd – Published: 2008-08-10 21:00 – Updated: 2024-08-07 09:45
VLAI?
Summary
Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "31350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31350"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openttd.org/index.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "openttd-truncatestring-bo(44168)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44168"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "31350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31350"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openttd.org/index.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "openttd-truncatestring-bo(44168)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44168"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "31350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31350"
},
{
"name": "30525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"name": "http://www.openttd.org/index.php",
"refsource": "CONFIRM",
"url": "http://www.openttd.org/index.php"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "openttd-truncatestring-bo(44168)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44168"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3576",
"datePublished": "2008-08-10T21:00:00",
"dateReserved": "2008-08-10T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0049 (GCVE-0-2012-0049)
Vulnerability from cvelistv5 – Published: 2019-11-07 17:13 – Updated: 2024-08-06 18:09
VLAI?
Summary
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
Severity ?
No CVSS data available.
CWE
- Other
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openttd",
"vendor": "openttd",
"versions": [
{
"status": "affected",
"version": "1.1.5"
}
]
}
],
"datePublic": "2012-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T17:13:26",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0049",
"datePublished": "2019-11-07T17:13:26",
"dateReserved": "2011-12-07T00:00:00",
"dateUpdated": "2024-08-06T18:09:17.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6411 (GCVE-0-2013-6411)
Vulnerability from cvelistv5 – Published: 2013-12-14 17:00 – Updated: 2024-08-06 17:39
VLAI?
Summary
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55589"
},
{
"name": "http://vcs.openttd.org/svn/changeset/26134",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"name": "https://security.openttd.org/en/CVE-2013-6411",
"refsource": "CONFIRM",
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"name": "http://bugs.openttd.org/task/5820",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/5820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6411",
"datePublished": "2013-12-14T17:00:00",
"dateReserved": "2013-11-04T00:00:00",
"dateUpdated": "2024-08-06T17:39:01.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3436 (GCVE-0-2012-3436)
Vulnerability from cvelistv5 – Published: 2012-10-09 18:00 – Updated: 2024-08-06 20:05
VLAI?
Summary
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to \"the water/coast aspect of tiles which also have railtracks on one half.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3436",
"datePublished": "2012-10-09T18:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0048 (GCVE-0-2012-0048)
Vulnerability from cvelistv5 – Published: 2012-08-25 10:00 – Updated: 2024-09-16 20:27
VLAI?
Summary
OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T10:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"name": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303",
"refsource": "MISC",
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"name": "http://bugs.openttd.org/task/4955",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/4955"
},
{
"name": "http://security.openttd.org/en/CVE-2012-0049",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50137"
},
{
"name": "http://vcs.openttd.org/svn/changeset/23764",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0048",
"datePublished": "2012-08-25T10:00:00Z",
"dateReserved": "2011-12-07T00:00:00Z",
"dateUpdated": "2024-09-16T20:27:57.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3341 (GCVE-0-2011-3341)
Vulnerability from cvelistv5 – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3341",
"datePublished": "2011-09-08T18:00:00",
"dateReserved": "2011-08-30T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3343 (GCVE-0-2011-3343)
Vulnerability from cvelistv5 – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3343",
"datePublished": "2011-09-08T18:00:00",
"dateReserved": "2011-08-30T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3342 (GCVE-0-2011-3342)
Vulnerability from cvelistv5 – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3342",
"datePublished": "2011-09-08T18:00:00",
"dateReserved": "2011-08-30T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4168 (GCVE-0-2010-4168)
Vulnerability from cvelistv5 – Published: 2010-11-17 15:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-18T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4168",
"datePublished": "2010-11-17T15:00:00",
"dateReserved": "2010-11-04T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2534 (GCVE-0-2010-2534)
Vulnerability from cvelistv5 – Published: 2010-07-27 22:00 – Updated: 2024-08-07 02:39
VLAI?
Summary
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2534",
"datePublished": "2010-07-27T22:00:00",
"dateReserved": "2010-06-30T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0406 (GCVE-0-2010-0406)
Vulnerability from cvelistv5 – Published: 2010-05-04 18:00 – Updated: 2024-09-16 18:34
VLAI?
Summary
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3785",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3785"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0406",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0406",
"datePublished": "2010-05-04T18:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-09-16T18:34:55.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0401 (GCVE-0-2010-0401)
Vulnerability from cvelistv5 – Published: 2010-05-04 18:00 – Updated: 2024-09-16 17:48
VLAI?
Summary
OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.openttd.org/en/CVE-2010-0401",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3754",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3754"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0401",
"datePublished": "2010-05-04T18:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-09-16T17:48:46.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0402 (GCVE-0-2010-0402)
Vulnerability from cvelistv5 – Published: 2010-05-04 18:00 – Updated: 2024-09-16 20:12
VLAI?
Summary
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0402",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0402",
"datePublished": "2010-05-04T18:00:00Z",
"dateReserved": "2010-01-27T00:00:00Z",
"dateUpdated": "2024-09-16T20:12:54.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4007 (GCVE-0-2009-4007)
Vulnerability from cvelistv5 – Published: 2009-12-28 19:00 – Updated: 2024-08-07 06:45
VLAI?
Summary
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-12-31T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37487"
},
{
"name": "http://binaries.openttd.org/releases/0.7.5/changelog.txt",
"refsource": "CONFIRM",
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"refsource": "OSVDB",
"url": "http://osvdb.org/61356"
},
{
"name": "http://www.openttd.org/en/news/112",
"refsource": "CONFIRM",
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4007",
"datePublished": "2009-12-28T19:00:00",
"dateReserved": "2009-11-19T00:00:00",
"dateUpdated": "2024-08-07T06:45:50.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3547 (GCVE-0-2008-3547)
Vulnerability from cvelistv5 – Published: 2009-03-10 21:00 – Updated: 2024-08-07 09:45
VLAI?
Summary
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/493714"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/493714"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "MISC",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "http://bugs.debian.org/493714",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/493714"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3547",
"datePublished": "2009-03-10T21:00:00",
"dateReserved": "2008-08-07T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}