FKIE_CVE-2009-4007

Vulnerability from fkie_nvd - Published: 2009-12-28 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
References
cve@mitre.orghttp://binaries.openttd.org/releases/0.7.5/changelog.txt
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html
cve@mitre.orghttp://osvdb.org/61356
cve@mitre.orghttp://secunia.com/advisories/37929
cve@mitre.orghttp://secunia.com/advisories/37984
cve@mitre.orghttp://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp
cve@mitre.orghttp://www.openttd.org/en/news/112Patch, Vendor Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/12/24/1
cve@mitre.orghttp://www.securityfocus.com/bid/37487
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/3645Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://binaries.openttd.org/releases/0.7.5/changelog.txt
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/61356
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37929
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37984
af854a3a-2127-422b-91ae-364da2661108http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp
af854a3a-2127-422b-91ae-364da2661108http://www.openttd.org/en/news/112Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/24/1
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37487
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3645Vendor Advisory
Impacted products
Vendor Product Version
openttd openttd *
openttd openttd 0.1.1
openttd openttd 0.1.2
openttd openttd 0.1.3
openttd openttd 0.1.4
openttd openttd 0.2.0
openttd openttd 0.2.1
openttd openttd 0.3.0
openttd openttd 0.3.1
openttd openttd 0.3.2
openttd openttd 0.3.2.1
openttd openttd 0.3.3
openttd openttd 0.3.4
openttd openttd 0.3.5
openttd openttd 0.3.6
openttd openttd 0.3.7
openttd openttd 0.4.0
openttd openttd 0.4.0.1
openttd openttd 0.4.5
openttd openttd 0.4.6
openttd openttd 0.4.7
openttd openttd 0.4.8
openttd openttd 0.4.8
openttd openttd 0.4.8
openttd openttd 0.5.0
openttd openttd 0.5.0
openttd openttd 0.5.0
openttd openttd 0.5.0
openttd openttd 0.5.0
openttd openttd 0.5.0
openttd openttd 0.5.1
openttd openttd 0.5.1
openttd openttd 0.5.1
openttd openttd 0.5.1
openttd openttd 0.5.2
openttd openttd 0.5.2
openttd openttd 0.5.3
openttd openttd 0.5.3
openttd openttd 0.5.3
openttd openttd 0.5.3
openttd openttd 0.6.0
openttd openttd 0.6.0
openttd openttd 0.6.0
openttd openttd 0.6.0
openttd openttd 0.6.0
openttd openttd 0.6.0
openttd openttd 0.6.0
openttd openttd 0.6.1
openttd openttd 0.6.1
openttd openttd 0.6.1
openttd openttd 0.6.2
openttd openttd 0.6.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openttd:openttd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83637063-4C40-411C-B890-F76945A21EB2",
              "versionEndIncluding": "0.7.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "499EFCAE-9309-4C26-A846-10396CBC628D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6908E44D-3553-430D-B870-266971DC0D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBDEF33-48E4-42F4-A725-838DA9191334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "422B0D3E-503C-4CA6-83B9-4FC58BA898C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "46557BD6-66A0-4892-9468-687A4B63F5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A186C5E-ACAA-47C8-9FA0-133E9D7F2900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24094775-BAF9-4C2E-8C38-86916E22B5A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7CF73FA-09F6-4CE5-932E-BA6B43D66F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E87583-5769-4114-94F7-043897DA0FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "718E8C39-A59C-4576-B00D-31A8F0C1762C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "83B1A7D7-D920-41F3-8DE9-D39007DDDEFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "327B826F-0F4E-420D-8C93-4551A4B9F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE12C455-5CA0-4581-A3F3-CC8867CCEEE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC5E23E-3A14-49B4-A676-AAA96F25D01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8520357A-27AF-4F48-9095-773F75AAC408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F65EA852-3C46-47D6-8D6B-DC3546165CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4441B6D-1A48-4DD4-AAAB-FC3B5F00DE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "985D96E7-0BAE-46DF-A1E2-BD4585C6CABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "73062670-5CB9-4AB8-B45D-21E0D557FD49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "876A0BCB-F792-4A21-85AB-5D7D63C3E987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BFB677-F29E-451E-855A-452F8AE0A9D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.8:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "99308463-E1A6-4018-819E-29043BFE8886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.4.8:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "C9E8C9AB-C303-4FB0-AD1D-C7EE4E93E347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF5AEFDA-322E-49CD-AE94-82020B9B7AE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "6AF50B50-ED50-4BCD-8BAE-9161911A0FCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "E3485EF5-F3DF-4622-92D9-B092F46D5AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "12EB77E6-94D0-4980-B392-59ACABEDB8D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "3051AB9F-5C64-4D95-805F-8575B5BD39D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.0:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "494DD878-5854-49DC-A0E1-2904D70582EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD07BE5-47E4-47E6-B6A2-CEC2BCC3E383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1A5AA729-0198-4644-9810-E501C3C47EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "1D5EC680-4686-4C04-957E-B597A1563F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.1:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F2C02877-6FE8-4C98-9AB6-5E4D1AC49FFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "89325227-4E0A-49FA-83C1-D0D5E2CEF45D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "21763CB0-1FFA-4FF4-AA6F-47614E8BEEB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A151DBA9-3A94-431F-BC22-C86E4268263B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "7246859E-A6CF-4617-A37A-BF17849D43F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.3:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "85FA63BC-2292-49F8-A0E1-34C8497236C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.5.3:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "78365F07-CF44-48FD-B048-2F510D147D0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CBAD231-4365-4A5F-9FD8-1EE13F7FC8A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "B052159B-4CFF-47DE-A1B7-35C467AD73BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "BDF5228B-B99A-4E4E-A66F-59275A36B28E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "5E5F1FE7-ADCB-42AD-AB99-0F17AD8E2FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "CD6E4B8D-6C12-4053-A8D2-F64F92AF733A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "9B9BDCD3-85B9-4C17-B625-FC7F62450FB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8648A48E-BCF9-4B34-B1FF-16B780C2797D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B0C66D6-F933-43B1-8BC0-72625E70442C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "72070978-F3B9-46D6-A3FD-0932D751AD86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "5D6483EA-FC98-4367-A34B-795F858815E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "DAE2A501-3F40-4BFD-B600-AD122BB8EFD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openttd:openttd:0.6.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "D49CDF39-F0F2-4B48-87FC-4F984D439497",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la funci\u00f3n NormaliseTrainConsist en src/train_cmd.cpp en OpenTTD versiones anteriores a v0.7.5-RC1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada del demonio) mediante ciertas acciones del juego relacionadas con un vag\u00f3n y una m\u00e1quina con doble motor."
    }
  ],
  "id": "CVE-2009-4007",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-28T19:30:00.360",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/61356"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37929"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37984"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.openttd.org/en/news/112"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37487"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/61356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.openttd.org/en/news/112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3645"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.