Summary
| Detail | |||
|---|---|---|---|
| Vendor | Openttd | First view | 2005-09-06 |
| Product | Openttd | Last view | 2019-11-07 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.3 | 2019-11-07 | CVE-2012-0049 | OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. |
| 5 | 2013-12-14 | CVE-2013-6411 | The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map. |
| 5 | 2012-10-09 | CVE-2012-3436 | OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half." |
| 4.3 | 2012-08-25 | CVE-2012-0048 | OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack. |
| 4.6 | 2011-09-08 | CVE-2011-3343 | Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file. |
| 7.5 | 2011-09-08 | CVE-2011-3342 | Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame. |
| 7.5 | 2011-09-08 | CVE-2011-3341 | Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command. |
| 7.5 | 2010-11-17 | CVE-2010-4168 | Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp. |
| 5 | 2010-07-28 | CVE-2010-2534 | The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue. |
| 4 | 2010-05-05 | CVE-2010-0406 | OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map. |
| 6.5 | 2010-05-05 | CVE-2010-0402 | OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command. |
| 6.5 | 2010-05-05 | CVE-2010-0401 | OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet. |
| 5 | 2009-12-28 | CVE-2009-4007 | Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine. |
| 9 | 2009-03-10 | CVE-2008-3547 | Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients." |
| 4.6 | 2008-08-10 | CVE-2008-3577 | Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments. |
| 10 | 2008-08-10 | CVE-2008-3576 | Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information. |
| 5 | 2006-04-25 | CVE-2006-1999 | The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu. |
| 2.1 | 2006-04-25 | CVE-2006-1998 | OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error. |
| 7.5 | 2005-09-21 | CVE-2005-2764 | Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. |
| 7.5 | 2005-09-06 | CVE-2005-2763 | Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (6) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 20% (3) | CWE-399 | Resource Management Errors |
| 6% (1) | CWE-416 | Use After Free |
| 6% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 6% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 6% (1) | CWE-189 | Numeric Errors |
| 6% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 6% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:14577 | DSA-2386-1 openttd -- several |
| oval:org.mitre.oval:def:18577 | DSA-2524-1 openttd - several |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 75114 | OpenTTD Memory Allocation BMP File Handling Remote Overflow |
| 75111 | OpenTTD Multiple Chunk Savegame File Handling Remote Overflow |
| 75110 | OpenTTD order_cmd.cpp CMD_INSERT_ORDER Remote Command Injection |
| 69502 | OpenTTD Session Disconnection Use-after-free Remote DoS |
| 66503 | OpenTTD src/network/network_command.cpp NetworkSyncCommandQueue() Infinite Lo... |
| 64272 | OpenTTD File Descriptor Leak Exhaustion DoS |
| 64271 | OpenTTD Unspecified Command Handling Remote DoS |
| 64270 | OpenTTD Password Request Handling Authentication Bypass |
| 61356 | OpenTTD src/train_cmd.cpp NormaliseTrainConsist Function Remote DoS |
| 56453 | OpenTTD "companies and clients" Name Handling Remote Overflow |
| 47399 | OpenTTD src/openttd.cpp ttd_main Function -g Variable Local Overflow |
| 47328 | OpenTTD src/gfx.cpp TruncateString() Function Overflow |
| 28563 | OpenTTD Malformed UDP Packet Remote DoS |
| 24875 | OpenTTD Crafted Error Number Remote DoS |
| 19624 | OpenTTD texteff.c Remote Overflow |
| 19623 | OpenTTD console_cmds.c Format String |
| 19622 | OpenTTD network_client.c Format String |
| 19621 | OpenTTD network_server.c Format String |
| 19620 | OpenTTD network.c Format String |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-08-30 | Name : Fedora Update for openttd FEDORA-2012-12198 File : nvt/gb_fedora_2012_12198_openttd_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for openttd FEDORA-2012-12208 File : nvt/gb_fedora_2012_12208_openttd_fc17.nasl |
| 2012-08-30 | Name : FreeBSD Ports: openttd File : nvt/freebsd_openttd5.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2524-1 (openttd) File : nvt/deb_2524_1.nasl |
| 2012-04-02 | Name : Fedora Update for openttd FEDORA-2012-0647 File : nvt/gb_fedora_2012_0647_openttd_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for openttd FEDORA-2011-12945 File : nvt/gb_fedora_2011_12945_openttd_fc16.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201111-03 (ebuild OpenTTD) File : nvt/glsa_201111_03.nasl |
| 2012-02-12 | Name : FreeBSD Ports: openttd File : nvt/freebsd_openttd4.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2386-1 (openttd) File : nvt/deb_2386_1.nasl |
| 2012-02-01 | Name : Fedora Update for openttd FEDORA-2012-0623 File : nvt/gb_fedora_2012_0623_openttd_fc15.nasl |
| 2011-09-23 | Name : Fedora Update for openttd FEDORA-2011-12975 File : nvt/gb_fedora_2011_12975_openttd_fc14.nasl |
| 2011-01-24 | Name : FreeBSD Ports: openttd File : nvt/freebsd_openttd0.nasl |
| 2010-12-28 | Name : Fedora Update for openttd FEDORA-2010-18571 File : nvt/gb_fedora_2010_18571_openttd_fc13.nasl |
| 2010-12-28 | Name : Fedora Update for openttd FEDORA-2010-18572 File : nvt/gb_fedora_2010_18572_openttd_fc14.nasl |
| 2010-11-30 | Name : OpenTTD Multiple use-after-free Denial of Service vulnerability File : nvt/gb_openttd_mult_use_after_free_dos_vuln.nasl |
| 2010-10-10 | Name : FreeBSD Ports: openttd File : nvt/freebsd_openttd.nasl |
| 2010-08-02 | Name : OpenTTD 'NetworkSyncCommandQueue()' Denial of Service Vulnerability File : nvt/secpod_openttd_dos_vuln.nasl |
| 2010-07-30 | Name : Fedora Update for openttd FEDORA-2010-11450 File : nvt/gb_fedora_2010_11450_openttd_fc12.nasl |
| 2010-07-30 | Name : Fedora Update for openttd FEDORA-2010-11401 File : nvt/gb_fedora_2010_11401_openttd_fc13.nasl |
| 2010-05-13 | Name : OpenTTD Multiple Security bypass vulnerabilities File : nvt/gb_openttd_mult_sec_bypass_vuln.nasl |
| 2010-05-07 | Name : Fedora Update for openttd FEDORA-2010-7885 File : nvt/gb_fedora_2010_7885_openttd_fc11.nasl |
| 2010-05-07 | Name : Fedora Update for openttd FEDORA-2010-7800 File : nvt/gb_fedora_2010_7800_openttd_fc12.nasl |
| 2010-03-02 | Name : Fedora Update for openttd FEDORA-2010-0144 File : nvt/gb_fedora_2010_0144_openttd_fc11.nasl |
| 2010-03-02 | Name : Fedora Update for openttd FEDORA-2010-0135 File : nvt/gb_fedora_2010_0135_openttd_fc12.nasl |
| 2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-09 (openttd) File : nvt/glsa_200903_09.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-07-08 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201407-01.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-999.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-537.nasl - Type: ACT_GATHER_INFO |
| 2013-12-24 | Name: The remote Fedora host is missing a security update. File: fedora_2013-23339.nasl - Type: ACT_GATHER_INFO |
| 2013-12-24 | Name: The remote Fedora host is missing a security update. File: fedora_2013-23432.nasl - Type: ACT_GATHER_INFO |
| 2013-12-24 | Name: The remote Fedora host is missing a security update. File: fedora_2013-23378.nasl - Type: ACT_GATHER_INFO |
| 2013-12-03 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_d20732375b5211e380f7c86000cbc6ec.nasl - Type: ACT_GATHER_INFO |
| 2012-09-18 | Name: The remote Fedora host is missing a security update. File: fedora_2012-12191.nasl - Type: ACT_GATHER_INFO |
| 2012-08-27 | Name: The remote Fedora host is missing a security update. File: fedora_2012-12208.nasl - Type: ACT_GATHER_INFO |
| 2012-08-27 | Name: The remote Fedora host is missing a security update. File: fedora_2012-12198.nasl - Type: ACT_GATHER_INFO |
| 2012-08-20 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_0f62be39e8e011e1bea0002354ed89bc.nasl - Type: ACT_GATHER_INFO |
| 2012-08-07 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2524.nasl - Type: ACT_GATHER_INFO |
| 2012-01-30 | Name: The remote Fedora host is missing a security update. File: fedora_2012-0623.nasl - Type: ACT_GATHER_INFO |
| 2012-01-30 | Name: The remote Fedora host is missing a security update. File: fedora_2012-0647.nasl - Type: ACT_GATHER_INFO |
| 2012-01-18 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_1ac858b03fae11e1a1270013d3ccd9df.nasl - Type: ACT_GATHER_INFO |
| 2012-01-12 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2386.nasl - Type: ACT_GATHER_INFO |
| 2011-11-14 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201111-03.nasl - Type: ACT_GATHER_INFO |
| 2011-10-17 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_78c25ed7f3f911e08b5cb482fe3f522d.nasl - Type: ACT_GATHER_INFO |
| 2011-10-17 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_e77befb5f3f911e08b5cb482fe3f522d.nasl - Type: ACT_GATHER_INFO |
| 2011-10-17 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_9bad5ab1f3f611e08b5cb482fe3f522d.nasl - Type: ACT_GATHER_INFO |
| 2011-10-03 | Name: The remote Fedora host is missing a security update. File: fedora_2011-12945.nasl - Type: ACT_GATHER_INFO |
| 2011-09-20 | Name: The remote Fedora host is missing a security update. File: fedora_2011-12975.nasl - Type: ACT_GATHER_INFO |
| 2010-12-14 | Name: The remote Fedora host is missing a security update. File: fedora_2010-18572.nasl - Type: ACT_GATHER_INFO |
| 2010-12-14 | Name: The remote Fedora host is missing a security update. File: fedora_2010-18571.nasl - Type: ACT_GATHER_INFO |
| 2010-11-24 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_373e412ef74811df96cd0015f2db7bde.nasl - Type: ACT_GATHER_INFO |
