Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 31 Jul 2012 18:09:45 +0200
From: frosch <frosch@...nttd.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request for OpenTTD

> >> On 07/27/2012 03:42 PM, frosch wrote:
> >>> Hello,
> >>> 
> >>> we, the OpenTTD developers, have identified a security 
> >>> vulnerability in OpenTTD (an open source game with
> >>> multiplayer). Would you be so kind as to allocate a CVE id for
> >>> this issue?
> >>> 
> >>> The issue concerns a denial of service vulnerabilty which
> >>> enables an attacker to force the server into an invalid game
> >>> state. The server will abort upon detecting this state. This
> >>> attack can be performed using an unmodified client via normal
> >>> game interaction. The attack requires authorization, but most
> >>> servers do not implement authorization. The first vulnerable
> >>> version is 0.6.0, the upcoming 1.2.2 release will have the
> >>> issue fixed.
> >>> 
> >>> Once a CVE id is allocated, the issue and fix will be
> >>> documented at http://security.openttd.org/CVE-2012-xxxx
> >>> 
> >>> Thanks in advance, Christoph 'frosch' Elsenhans
> >>> 
> >>> (Please CC me, I'm not subscribed)
> >> 
> >> Sorry can you please provide links to an advisory, code commit,
> >> or something so we have a reference?
> >> 
> > trunk commit: http://vcs.openttd.org/svn/changeset/24439/ Bug
> > report: http://bugs.openttd.org/task/5254
> > 
> > Later on http://security.openttd.org/CVE-2012-xxxx will supply
> > patches for all vulnerable versions, and also link to the bug
> > tracker and related commits.
> > 
> > Regards
> 
> Perfect, thanks. Please use CVE-2012-3436 for this issue.
> 
> P.S. with respect to "In some cases ships could be covered with land."
> couldn't the ship sail into a cave or over hanging cliff? ;)

The detailed description is now public on
http://security.openttd.org/CVE-2012-3436

Note that both the problem description and patches have been updated
to cover a second case of this bug, so if you downloaded the patches
before 2012-07-31 16:00 UTC, please download them again.



Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ