Date: Tue, 31 Jul 2012 18:09:45 +0200
From: frosch <frosch@...nttd.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request for OpenTTD

> >> On 07/27/2012 03:42 PM, frosch wrote:
> >>> Hello,
> >>>
> >>> we, the OpenTTD developers, have identified a security vulnerability in OpenTTD (an open source game with multiplayer). Would you be so kind as to allocate a CVE id for this issue?
> >>>
> >>> The issue concerns a denial of service vulnerability which enables an attacker to force the server into an invalid game state. The server will abort upon detecting this state. This attack can be performed using an unmodified client via normal game interaction. The attack requires authorization, but most servers do not implement authorization. The first vulnerable version is 0.6.0, the upcoming 1.2.2 release will have the issue fixed.
> >>>
> >>> Once a CVE id is allocated, the issue and fix will be documented at http://security.openttd.org/CVE-2012-xxxx
> >>>
> >>> Thanks in advance,
> >>> Christoph 'frosch' Elsenhans
> >>>
> >>> (Please CC me, I'm not subscribed)
> >>
> >> Sorry can you please provide links to an advisory, code commit, or something so we have a reference?
> >>
> > trunk commit: http://vcs.openttd.org/svn/changeset/24439/
> > Bug report: http://bugs.openttd.org/task/5254
> >
> > Later on http://security.openttd.org/CVE-2012-xxxx will supply patches for all vulnerable versions, and also link to the bug tracker and related commits.
> >
> > Regards
>
> Perfect, thanks. Please use CVE-2012-3436 for this issue.
>
> P.S. with respect to "In some cases ships could be covered with land." couldn't the ship sail into a cave or overhanging cliff?

;)

The detailed description is now public on http://security.openttd.org/CVE-2012-3436

Note that both the problem description and patches have been updated to cover a second case of this bug, so if you downloaded the patches before 2012-07-31 16:00 UTC, please download them again.