'Re: [oss-security] CVE request for OpenTTD'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request for OpenTTD
From:       frosch <frosch () openttd ! org>
Date:       2012-07-31 16:09:45
Message-ID: 1343750985.4723.7.camel () lagune ! teich
[Download RAW message or body]

> >> On 07/27/2012 03:42 PM, frosch wrote:
> >>> Hello,
> >>> 
> >>> we, the OpenTTD developers, have identified a security 
> >>> vulnerability in OpenTTD (an open source game with
> >>> multiplayer). Would you be so kind as to allocate a CVE id for
> >>> this issue?
> >>> 
> >>> The issue concerns a denial of service vulnerabilty which
> >>> enables an attacker to force the server into an invalid game
> >>> state. The server will abort upon detecting this state. This
> >>> attack can be performed using an unmodified client via normal
> >>> game interaction. The attack requires authorization, but most
> >>> servers do not implement authorization. The first vulnerable
> >>> version is 0.6.0, the upcoming 1.2.2 release will have the
> >>> issue fixed.
> >>> 
> >>> Once a CVE id is allocated, the issue and fix will be
> >>> documented at http://security.openttd.org/CVE-2012-xxxx
> >>> 
> >>> Thanks in advance, Christoph 'frosch' Elsenhans
> >>> 
> >>> (Please CC me, I'm not subscribed)
> >> 
> >> Sorry can you please provide links to an advisory, code commit,
> >> or something so we have a reference?
> >> 
> > trunk commit: http://vcs.openttd.org/svn/changeset/24439/ Bug
> > report: http://bugs.openttd.org/task/5254
> > 
> > Later on http://security.openttd.org/CVE-2012-xxxx will supply
> > patches for all vulnerable versions, and also link to the bug
> > tracker and related commits.
> > 
> > Regards
> 
> Perfect, thanks. Please use CVE-2012-3436 for this issue.
> 
> P.S. with respect to "In some cases ships could be covered with land."
> couldn't the ship sail into a cave or over hanging cliff? ;)

The detailed description is now public on
http://security.openttd.org/CVE-2012-3436

Note that both the problem description and patches have been updated
to cover a second case of this bug, so if you downloaded the patches
before 2012-07-31 16:00 UTC, please download them again.



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic