Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
40 vulnerabilities by openttd
CVE-2012-0049 (GCVE-0-2012-0049)
Vulnerability from cvelistv5 – Published: 2019-11-07 17:13 – Updated: 2024-08-06 18:09
VLAI
EPSS
VEX
Summary
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2012-0049 | x_refsource_CONFIRM |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| http://www.debian.org/security/2012/dsa-2524 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/01/13/9 | x_refsource_MISC |
Date Public
2012-01-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openttd",
"vendor": "openttd",
"versions": [
{
"status": "affected",
"version": "1.1.5"
}
]
}
],
"datePublic": "2012-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T17:13:26.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0049",
"datePublished": "2019-11-07T17:13:26.000Z",
"dateReserved": "2011-12-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:09:17.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6411 (GCVE-0-2013-6411)
Vulnerability from cvelistv5 – Published: 2013-12-14 17:00 – Updated: 2024-08-06 17:39
VLAI
EPSS
VEX
Summary
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/56218 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/64003 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.opensuse.org/opensuse-updates/2013-1… | vendor-advisoryx_refsource_SUSE |
| http://secunia.com/advisories/55589 | third-party-advisoryx_refsource_SECUNIA |
| http://vcs.openttd.org/svn/changeset/26134 | x_refsource_CONFIRM |
| https://security.openttd.org/en/CVE-2013-6411 | x_refsource_CONFIRM |
| http://seclists.org/oss-sec/2013/q4/375 | mailing-listx_refsource_MLIST |
| http://bugs.openttd.org/task/5820 | x_refsource_CONFIRM |
Date Public
2013-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55589"
},
{
"name": "http://vcs.openttd.org/svn/changeset/26134",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"name": "https://security.openttd.org/en/CVE-2013-6411",
"refsource": "CONFIRM",
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"name": "http://bugs.openttd.org/task/5820",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/5820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6411",
"datePublished": "2013-12-14T17:00:00.000Z",
"dateReserved": "2013-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:39:01.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3436 (GCVE-0-2012-3436)
Vulnerability from cvelistv5 – Published: 2012-10-09 18:00 – Updated: 2024-08-06 20:05
VLAI
EPSS
VEX
Summary
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/50042 | third-party-advisoryx_refsource_SECUNIA |
| http://security.openttd.org/en/CVE-2012-3436 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/07/28/7 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2012-0… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/54720 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2012/07/31/5 | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://vcs.openttd.org/svn/changeset/24449 | x_refsource_CONFIRM |
| http://bugs.openttd.org/task/5254 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/07/27/5 | mailing-listx_refsource_MLIST |
| http://vcs.openttd.org/svn/changeset/24439 | x_refsource_CONFIRM |
Date Public
2012-07-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to \"the water/coast aspect of tiles which also have railtracks on one half.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3436",
"datePublished": "2012-10-09T18:00:00.000Z",
"dateReserved": "2012-06-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:05:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0048 (GCVE-0-2012-0048)
Vulnerability from cvelistv5 – Published: 2012-08-25 10:00 – Updated: 2024-09-16 20:27
VLAI
EPSS
VEX
Summary
OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2012/01/13/8 | mailing-listx_refsource_MLIST |
| http://www.tt-forums.net/viewtopic.php?f=33&t=580… | x_refsource_MISC |
| http://bugs.openttd.org/task/4955 | x_refsource_CONFIRM |
| http://security.openttd.org/en/CVE-2012-0049 | x_refsource_CONFIRM |
| http://www.debian.org/security/2012/dsa-2524 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/50137 | third-party-advisoryx_refsource_SECUNIA |
| http://vcs.openttd.org/svn/changeset/23764 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/01/07/2 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"name": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303",
"refsource": "MISC",
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"name": "http://bugs.openttd.org/task/4955",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/4955"
},
{
"name": "http://security.openttd.org/en/CVE-2012-0049",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50137"
},
{
"name": "http://vcs.openttd.org/svn/changeset/23764",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0048",
"datePublished": "2012-08-25T10:00:00.000Z",
"dateReserved": "2011-12-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:27:57.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3342 (GCVE-0-2011-3342)
Vulnerability from cvelistv5 – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2011-3342 | x_refsource_CONFIRM |
| http://bugs.openttd.org/task/4748 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://bugs.openttd.org/task/4717 | x_refsource_CONFIRM |
| http://secunia.com/advisories/46075 | third-party-advisoryx_refsource_SECUNIA |
| http://www.debian.org/security/2012/dsa-2386 | vendor-advisoryx_refsource_DEBIAN |
| http://openwall.com/lists/oss-security/2011/09/02/4 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/49439 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2011/09/06/2 | mailing-listx_refsource_MLIST |
Date Public
2011-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3342",
"datePublished": "2011-09-08T18:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3343 (GCVE-0-2011-3343)
Vulnerability from cvelistv5 – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2011-3343 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://secunia.com/advisories/46075 | third-party-advisoryx_refsource_SECUNIA |
| http://www.debian.org/security/2012/dsa-2386 | vendor-advisoryx_refsource_DEBIAN |
| http://bugs.openttd.org/task/4746 | x_refsource_CONFIRM |
| http://openwall.com/lists/oss-security/2011/09/02/4 | mailing-listx_refsource_MLIST |
| http://bugs.openttd.org/task/4747 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/49439 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2011/09/06/2 | mailing-listx_refsource_MLIST |
Date Public
2011-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3343",
"datePublished": "2011-09-08T18:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3341 (GCVE-0-2011-3341)
Vulnerability from cvelistv5 – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://secunia.com/advisories/46075 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.openttd.org/task/4745 | x_refsource_CONFIRM |
| http://security.openttd.org/en/CVE-2011-3341 | x_refsource_CONFIRM |
| http://www.debian.org/security/2012/dsa-2386 | vendor-advisoryx_refsource_DEBIAN |
| http://openwall.com/lists/oss-security/2011/09/02/4 | mailing-listx_refsource_MLIST |
| http://bugs.openttd.org/task/4745/getfile/7707/fi… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/49439 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2011/09/06/2 | mailing-listx_refsource_MLIST |
Date Public
2011-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3341",
"datePublished": "2011-09-08T18:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4168 (GCVE-0-2010-4168)
Vulnerability from cvelistv5 – Published: 2010-11-17 15:00 – Updated: 2024-08-07 03:34
VLAI
EPSS
VEX
Summary
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/42578 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2010/2985 | vdb-entryx_refsource_VUPEN |
| http://security.openttd.org/en/CVE-2010-4168 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://marc.info/?l=oss-security&m=128984298802678&w=2 | mailing-listx_refsource_MLIST |
| http://security.openttd.org/en/patch/28.patch | x_refsource_CONFIRM |
| http://vcs.openttd.org/svn/changeset/21182 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/44844 | vdb-entryx_refsource_BID |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://marc.info/?l=oss-security&m=128975491407670&w=2 | mailing-listx_refsource_MLIST |
| http://www.vupen.com/english/advisories/2010/3199 | vdb-entryx_refsource_VUPEN |
Date Public
2010-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-18T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4168",
"datePublished": "2010-11-17T15:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2534 (GCVE-0-2010-2534)
Vulnerability from cvelistv5 – Published: 2010-07-27 22:00 – Updated: 2024-08-07 02:39
VLAI
EPSS
VEX
Summary
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.vupen.com/english/advisories/2010/1888 | vdb-entryx_refsource_VUPEN |
| http://bugs.openttd.org/task/3909/getfile/6237/lo… | x_refsource_MISC |
| http://security.openttd.org/en/CVE-2010-2534 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2010/07/20/1 | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://bugs.openttd.org/task/3909 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/41804 | vdb-entryx_refsource_BID |
| http://osvdb.org/66503 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/40760 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/40630 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2010/1916 | vdb-entryx_refsource_VUPEN |
Date Public
2010-07-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2534",
"datePublished": "2010-07-27T22:00:00.000Z",
"dateReserved": "2010-06-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:39:37.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0406 (GCVE-0-2010-0406)
Vulnerability from cvelistv5 – Published: 2010-05-04 18:00 – Updated: 2024-09-16 18:34
VLAI
EPSS
VEX
Summary
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39669 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.openttd.org/task/3785 | x_refsource_CONFIRM |
| http://security.openttd.org/en/CVE-2010-0406 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3785",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3785"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0406",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0406",
"datePublished": "2010-05-04T18:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:34:55.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0401 (GCVE-0-2010-0401)
Vulnerability from cvelistv5 – Published: 2010-05-04 18:00 – Updated: 2024-09-16 17:48
VLAI
EPSS
VEX
Summary
OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2010-0401 | x_refsource_CONFIRM |
| http://secunia.com/advisories/39669 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.openttd.org/task/3754 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.openttd.org/en/CVE-2010-0401",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3754",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3754"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0401",
"datePublished": "2010-05-04T18:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:48:46.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0402 (GCVE-0-2010-0402)
Vulnerability from cvelistv5 – Published: 2010-05-04 18:00 – Updated: 2024-09-16 20:12
VLAI
EPSS
VEX
Summary
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39669 | third-party-advisoryx_refsource_SECUNIA |
| http://security.openttd.org/en/CVE-2010-0402 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0402",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0402",
"datePublished": "2010-05-04T18:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:12:54.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4007 (GCVE-0-2009-4007)
Vulnerability from cvelistv5 – Published: 2009-12-28 19:00 – Updated: 2024-08-07 06:45
VLAI
EPSS
VEX
Summary
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://vcs.openttd.org/svn/changeset/18462/trunk/… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/37487 | vdb-entryx_refsource_BID |
| http://binaries.openttd.org/releases/0.7.5/change… | x_refsource_CONFIRM |
| http://osvdb.org/61356 | vdb-entryx_refsource_OSVDB |
| http://www.openttd.org/en/news/112 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2009/12/24/1 | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/37929 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/37984 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2009/3645 | vdb-entryx_refsource_VUPEN |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
Date Public
2009-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-12-31T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37487"
},
{
"name": "http://binaries.openttd.org/releases/0.7.5/changelog.txt",
"refsource": "CONFIRM",
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"refsource": "OSVDB",
"url": "http://osvdb.org/61356"
},
{
"name": "http://www.openttd.org/en/news/112",
"refsource": "CONFIRM",
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4007",
"datePublished": "2009-12-28T19:00:00.000Z",
"dateReserved": "2009-11-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:45:50.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3547 (GCVE-0-2008-3547)
Vulnerability from cvelistv5 – Published: 2009-03-10 21:00 – Updated: 2024-08-07 09:45
VLAI
EPSS
VEX
Summary
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/34161 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=oss-security&m=121790659421159&w=2 | mailing-listx_refsource_MLIST |
| http://security.gentoo.org/glsa/glsa-200903-09.xml | vendor-advisoryx_refsource_GENTOO |
| http://marc.info/?l=oss-security&m=121814230706576&w=2 | mailing-listx_refsource_MLIST |
| http://marc.info/?l=oss-security&m=121787604812284&w=2 | mailing-listx_refsource_MLIST |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=oss-security&m=121797672406282&w=2 | mailing-listx_refsource_MLIST |
| http://bugs.gentoo.org/show_bug.cgi?id=233929 | x_refsource_CONFIRM |
| http://bugs.debian.org/493714 | x_refsource_CONFIRM |
Date Public
2008-08-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/493714"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/493714"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "MISC",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "http://bugs.debian.org/493714",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/493714"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3547",
"datePublished": "2009-03-10T21:00:00.000Z",
"dateReserved": "2008-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:45:18.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0049 (GCVE-0-2012-0049)
Vulnerability from nvd – Published: 2019-11-07 17:13 – Updated: 2024-08-06 18:09
VLAI
EPSS
VEX
Summary
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2012-0049 | x_refsource_CONFIRM |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| http://www.debian.org/security/2012/dsa-2524 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/01/13/9 | x_refsource_MISC |
Date Public
2012-01-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openttd",
"vendor": "openttd",
"versions": [
{
"status": "affected",
"version": "1.1.5"
}
]
}
],
"datePublic": "2012-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T17:13:26.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0049",
"datePublished": "2019-11-07T17:13:26.000Z",
"dateReserved": "2011-12-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:09:17.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6411 (GCVE-0-2013-6411)
Vulnerability from nvd – Published: 2013-12-14 17:00 – Updated: 2024-08-06 17:39
VLAI
EPSS
VEX
Summary
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/56218 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/64003 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.opensuse.org/opensuse-updates/2013-1… | vendor-advisoryx_refsource_SUSE |
| http://secunia.com/advisories/55589 | third-party-advisoryx_refsource_SECUNIA |
| http://vcs.openttd.org/svn/changeset/26134 | x_refsource_CONFIRM |
| https://security.openttd.org/en/CVE-2013-6411 | x_refsource_CONFIRM |
| http://seclists.org/oss-sec/2013/q4/375 | mailing-listx_refsource_MLIST |
| http://bugs.openttd.org/task/5820 | x_refsource_CONFIRM |
Date Public
2013-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "56218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56218"
},
{
"name": "64003",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64003"
},
{
"name": "openttd-cve20136411-dos(89334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89334"
},
{
"name": "openSUSE-SU-2013:1932",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00095.html"
},
{
"name": "55589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55589"
},
{
"name": "http://vcs.openttd.org/svn/changeset/26134",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/26134"
},
{
"name": "https://security.openttd.org/en/CVE-2013-6411",
"refsource": "CONFIRM",
"url": "https://security.openttd.org/en/CVE-2013-6411"
},
{
"name": "[oss-security] 20131129 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q4/375"
},
{
"name": "http://bugs.openttd.org/task/5820",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/5820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6411",
"datePublished": "2013-12-14T17:00:00.000Z",
"dateReserved": "2013-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:39:01.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3436 (GCVE-0-2012-3436)
Vulnerability from nvd – Published: 2012-10-09 18:00 – Updated: 2024-08-06 20:05
VLAI
EPSS
VEX
Summary
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/50042 | third-party-advisoryx_refsource_SECUNIA |
| http://security.openttd.org/en/CVE-2012-3436 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/07/28/7 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2012-0… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/54720 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2012/07/31/5 | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://vcs.openttd.org/svn/changeset/24449 | x_refsource_CONFIRM |
| http://bugs.openttd.org/task/5254 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/07/27/5 | mailing-listx_refsource_MLIST |
| http://vcs.openttd.org/svn/changeset/24439 | x_refsource_CONFIRM |
Date Public
2012-07-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to \"the water/coast aspect of tiles which also have railtracks on one half.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "50042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50042"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-3436"
},
{
"name": "[oss-security] 20120728 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/28/7"
},
{
"name": "openSUSE-SU-2012:1063",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00043.html"
},
{
"name": "54720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54720"
},
{
"name": "[oss-security] 20120731 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/5"
},
{
"name": "openttd-water-dos(77266)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77266"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/5254"
},
{
"name": "[oss-security] 20120727 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/27/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/24439"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3436",
"datePublished": "2012-10-09T18:00:00.000Z",
"dateReserved": "2012-06-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:05:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0048 (GCVE-0-2012-0048)
Vulnerability from nvd – Published: 2012-08-25 10:00 – Updated: 2024-09-16 20:27
VLAI
EPSS
VEX
Summary
OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2012/01/13/8 | mailing-listx_refsource_MLIST |
| http://www.tt-forums.net/viewtopic.php?f=33&t=580… | x_refsource_MISC |
| http://bugs.openttd.org/task/4955 | x_refsource_CONFIRM |
| http://security.openttd.org/en/CVE-2012-0049 | x_refsource_CONFIRM |
| http://www.debian.org/security/2012/dsa-2524 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/50137 | third-party-advisoryx_refsource_SECUNIA |
| http://vcs.openttd.org/svn/changeset/23764 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/01/07/2 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a \"slow read\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120113 Re: CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/13/8"
},
{
"name": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303",
"refsource": "MISC",
"url": "http://www.tt-forums.net/viewtopic.php?f=33\u0026t=58073\u0026hilit=pause#p989303"
},
{
"name": "http://bugs.openttd.org/task/4955",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/4955"
},
{
"name": "http://security.openttd.org/en/CVE-2012-0049",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2012-0049"
},
{
"name": "DSA-2524",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2524"
},
{
"name": "50137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50137"
},
{
"name": "http://vcs.openttd.org/svn/changeset/23764",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/23764"
},
{
"name": "[oss-security] 20120107 CVE request for OpenTTD",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/07/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0048",
"datePublished": "2012-08-25T10:00:00.000Z",
"dateReserved": "2011-12-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:27:57.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3343 (GCVE-0-2011-3343)
Vulnerability from nvd – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2011-3343 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://secunia.com/advisories/46075 | third-party-advisoryx_refsource_SECUNIA |
| http://www.debian.org/security/2012/dsa-2386 | vendor-advisoryx_refsource_DEBIAN |
| http://bugs.openttd.org/task/4746 | x_refsource_CONFIRM |
| http://openwall.com/lists/oss-security/2011/09/02/4 | mailing-listx_refsource_MLIST |
| http://bugs.openttd.org/task/4747 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/49439 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2011/09/06/2 | mailing-listx_refsource_MLIST |
Date Public
2011-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3343"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4746"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4747"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3343",
"datePublished": "2011-09-08T18:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3342 (GCVE-0-2011-3342)
Vulnerability from nvd – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2011-3342 | x_refsource_CONFIRM |
| http://bugs.openttd.org/task/4748 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://bugs.openttd.org/task/4717 | x_refsource_CONFIRM |
| http://secunia.com/advisories/46075 | third-party-advisoryx_refsource_SECUNIA |
| http://www.debian.org/security/2012/dsa-2386 | vendor-advisoryx_refsource_DEBIAN |
| http://openwall.com/lists/oss-security/2011/09/02/4 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/49439 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2011/09/06/2 | mailing-listx_refsource_MLIST |
Date Public
2011-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4748"
},
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4717"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3342",
"datePublished": "2011-09-08T18:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3341 (GCVE-0-2011-3341)
Vulnerability from nvd – Published: 2011-09-08 18:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://secunia.com/advisories/46075 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.openttd.org/task/4745 | x_refsource_CONFIRM |
| http://security.openttd.org/en/CVE-2011-3341 | x_refsource_CONFIRM |
| http://www.debian.org/security/2012/dsa-2386 | vendor-advisoryx_refsource_DEBIAN |
| http://openwall.com/lists/oss-security/2011/09/02/4 | mailing-listx_refsource_MLIST |
| http://bugs.openttd.org/task/4745/getfile/7707/fi… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/49439 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2011/09/06/2 | mailing-listx_refsource_MLIST |
Date Public
2011-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2011-12975",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html"
},
{
"name": "46075",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46075"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2011-3341"
},
{
"name": "DSA-2386",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2386"
},
{
"name": "[oss-security] 20110902 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/02/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/4745/getfile/7707/fixcmds.diff"
},
{
"name": "49439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49439"
},
{
"name": "[oss-security] 20110906 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/09/06/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3341",
"datePublished": "2011-09-08T18:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4168 (GCVE-0-2010-4168)
Vulnerability from nvd – Published: 2010-11-17 15:00 – Updated: 2024-08-07 03:34
VLAI
EPSS
VEX
Summary
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/42578 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2010/2985 | vdb-entryx_refsource_VUPEN |
| http://security.openttd.org/en/CVE-2010-4168 | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://marc.info/?l=oss-security&m=128984298802678&w=2 | mailing-listx_refsource_MLIST |
| http://security.openttd.org/en/patch/28.patch | x_refsource_CONFIRM |
| http://vcs.openttd.org/svn/changeset/21182 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/44844 | vdb-entryx_refsource_BID |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://marc.info/?l=oss-security&m=128975491407670&w=2 | mailing-listx_refsource_MLIST |
| http://www.vupen.com/english/advisories/2010/3199 | vdb-entryx_refsource_VUPEN |
Date Public
2010-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-18T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42578",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42578"
},
{
"name": "ADV-2010-2985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2985"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-4168"
},
{
"name": "FEDORA-2010-18572",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html"
},
{
"name": "[oss-security] 20101115 Re: CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128984298802678\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/patch/28.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/21182"
},
{
"name": "44844",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44844"
},
{
"name": "FEDORA-2010-18571",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html"
},
{
"name": "[oss-security] 20101114 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128975491407670\u0026w=2"
},
{
"name": "ADV-2010-3199",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3199"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4168",
"datePublished": "2010-11-17T15:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2534 (GCVE-0-2010-2534)
Vulnerability from nvd – Published: 2010-07-27 22:00 – Updated: 2024-08-07 02:39
VLAI
EPSS
VEX
Summary
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.vupen.com/english/advisories/2010/1888 | vdb-entryx_refsource_VUPEN |
| http://bugs.openttd.org/task/3909/getfile/6237/lo… | x_refsource_MISC |
| http://security.openttd.org/en/CVE-2010-2534 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2010/07/20/1 | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://bugs.openttd.org/task/3909 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/41804 | vdb-entryx_refsource_BID |
| http://osvdb.org/66503 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/40760 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/40630 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2010/1916 | vdb-entryx_refsource_VUPEN |
Date Public
2010-07-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openttd-networksynccommandqueue-dos(60568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60568"
},
{
"name": "FEDORA-2010-11450",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044565.html"
},
{
"name": "ADV-2010-1888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1888"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.openttd.org/task/3909/getfile/6237/loop_fix.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-2534"
},
{
"name": "[oss-security] 20100720 CVE request for OpenTTD",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/20/1"
},
{
"name": "FEDORA-2010-11401",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044516.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3909"
},
{
"name": "41804",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41804"
},
{
"name": "66503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/66503"
},
{
"name": "40760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40760"
},
{
"name": "40630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40630"
},
{
"name": "ADV-2010-1916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1916"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2534",
"datePublished": "2010-07-27T22:00:00.000Z",
"dateReserved": "2010-06-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:39:37.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0406 (GCVE-0-2010-0406)
Vulnerability from nvd – Published: 2010-05-04 18:00 – Updated: 2024-09-16 18:34
VLAI
EPSS
VEX
Summary
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39669 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.openttd.org/task/3785 | x_refsource_CONFIRM |
| http://security.openttd.org/en/CVE-2010-0406 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3785",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3785"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0406",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0406",
"datePublished": "2010-05-04T18:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:34:55.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0402 (GCVE-0-2010-0402)
Vulnerability from nvd – Published: 2010-05-04 18:00 – Updated: 2024-09-16 20:12
VLAI
EPSS
VEX
Summary
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39669 | third-party-advisoryx_refsource_SECUNIA |
| http://security.openttd.org/en/CVE-2010-0402 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://security.openttd.org/en/CVE-2010-0402",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0402"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0402",
"datePublished": "2010-05-04T18:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:12:54.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0401 (GCVE-0-2010-0401)
Vulnerability from nvd – Published: 2010-05-04 18:00 – Updated: 2024-09-16 17:48
VLAI
EPSS
VEX
Summary
OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://security.openttd.org/en/CVE-2010-0401 | x_refsource_CONFIRM |
| http://secunia.com/advisories/39669 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.openttd.org/task/3754 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-04T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.openttd.org/task/3754"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.openttd.org/en/CVE-2010-0401",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3754",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3754"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0401",
"datePublished": "2010-05-04T18:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:48:46.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4007 (GCVE-0-2009-4007)
Vulnerability from nvd – Published: 2009-12-28 19:00 – Updated: 2024-08-07 06:45
VLAI
EPSS
VEX
Summary
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://vcs.openttd.org/svn/changeset/18462/trunk/… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/37487 | vdb-entryx_refsource_BID |
| http://binaries.openttd.org/releases/0.7.5/change… | x_refsource_CONFIRM |
| http://osvdb.org/61356 | vdb-entryx_refsource_OSVDB |
| http://www.openttd.org/en/news/112 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2009/12/24/1 | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/37929 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/37984 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2009/3645 | vdb-entryx_refsource_VUPEN |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
Date Public
2009-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-12-31T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61356"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp",
"refsource": "CONFIRM",
"url": "http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp"
},
{
"name": "37487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37487"
},
{
"name": "http://binaries.openttd.org/releases/0.7.5/changelog.txt",
"refsource": "CONFIRM",
"url": "http://binaries.openttd.org/releases/0.7.5/changelog.txt"
},
{
"name": "61356",
"refsource": "OSVDB",
"url": "http://osvdb.org/61356"
},
{
"name": "http://www.openttd.org/en/news/112",
"refsource": "CONFIRM",
"url": "http://www.openttd.org/en/news/112"
},
{
"name": "[oss-security] 20091224 OpenTTD remote DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/24/1"
},
{
"name": "37929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37929"
},
{
"name": "37984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37984"
},
{
"name": "ADV-2009-3645",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3645"
},
{
"name": "FEDORA-2010-0135",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html"
},
{
"name": "FEDORA-2010-0144",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4007",
"datePublished": "2009-12-28T19:00:00.000Z",
"dateReserved": "2009-11-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:45:50.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3547 (GCVE-0-2008-3547)
Vulnerability from nvd – Published: 2009-03-10 21:00 – Updated: 2024-08-07 09:45
VLAI
EPSS
VEX
Summary
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/34161 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=oss-security&m=121790659421159&w=2 | mailing-listx_refsource_MLIST |
| http://security.gentoo.org/glsa/glsa-200903-09.xml | vendor-advisoryx_refsource_GENTOO |
| http://marc.info/?l=oss-security&m=121814230706576&w=2 | mailing-listx_refsource_MLIST |
| http://marc.info/?l=oss-security&m=121787604812284&w=2 | mailing-listx_refsource_MLIST |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=oss-security&m=121797672406282&w=2 | mailing-listx_refsource_MLIST |
| http://bugs.gentoo.org/show_bug.cgi?id=233929 | x_refsource_CONFIRM |
| http://bugs.debian.org/493714 | x_refsource_CONFIRM |
Date Public
2008-08-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/493714"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/493714"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for \"companies and clients.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121790659421159\u0026w=2"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "[oss-security] 20080807 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121814230706576\u0026w=2"
},
{
"name": "[oss-security] 20080804 CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121787604812284\u0026w=2"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "MISC",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-companies-clients-bo(49221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49221"
},
{
"name": "[oss-security] 20080805 Re: CVE id request: openttd",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=121797672406282\u0026w=2"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "http://bugs.debian.org/493714",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/493714"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3547",
"datePublished": "2009-03-10T21:00:00.000Z",
"dateReserved": "2008-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:45:18.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3577 (GCVE-0-2008-3577)
Vulnerability from nvd – Published: 2008-08-10 21:00 – Updated: 2024-08-07 09:45
VLAI
EPSS
VEX
Summary
Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/34161 | third-party-advisoryx_refsource_SECUNIA |
| http://security.gentoo.org/glsa/glsa-200903-09.xml | vendor-advisoryx_refsource_GENTOO |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/30525 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2008/2285 | vdb-entryx_refsource_VUPEN |
| http://bugs.gentoo.org/show_bug.cgi?id=233929 | x_refsource_CONFIRM |
Date Public
2008-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-ttdmain-bo(44436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44436"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the \"-g\" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-ttdmain-bo(44436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44436"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the \"-g\" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "openttd-ttdmain-bo(44436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44436"
},
{
"name": "30525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3577",
"datePublished": "2008-08-10T21:00:00.000Z",
"dateReserved": "2008-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:45:18.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3576 (GCVE-0-2008-3576)
Vulnerability from nvd – Published: 2008-08-10 21:00 – Updated: 2024-08-07 09:45
VLAI
EPSS
VEX
Summary
Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/34161 | third-party-advisoryx_refsource_SECUNIA |
| http://security.gentoo.org/glsa/glsa-200903-09.xml | vendor-advisoryx_refsource_GENTOO |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://secunia.com/advisories/31350 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/30525 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2008/2285 | vdb-entryx_refsource_VUPEN |
| http://www.openttd.org/index.php | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=233929 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "31350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31350"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openttd.org/index.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "openttd-truncatestring-bo(44168)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44168"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "31350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31350"
},
{
"name": "30525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openttd.org/index.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "openttd-truncatestring-bo(44168)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44168"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34161"
},
{
"name": "GLSA-200903-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-09.xml"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=617243",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=617243"
},
{
"name": "31350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31350"
},
{
"name": "30525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30525"
},
{
"name": "ADV-2008-2285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2285"
},
{
"name": "http://www.openttd.org/index.php",
"refsource": "CONFIRM",
"url": "http://www.openttd.org/index.php"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=233929",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=233929"
},
{
"name": "openttd-truncatestring-bo(44168)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44168"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3576",
"datePublished": "2008-08-10T21:00:00.000Z",
"dateReserved": "2008-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:45:18.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}