|
Message-ID: <1401696469.859521.1315341953859.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com> Date: Tue, 6 Sep 2011 16:45:53 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: rubidium@...nttd.org, Michael Lutz <michi+openttd@...sahedron.de>, coley <coley@...re.org> Subject: Re: CVE request for OpenTTD ----- Original Message ----- > Hello folks, > > the OpenTTD team and contributors have discovered several security > vulnerabilities in OpenTTD. Please be so kind to allocate a CVE id for > each of the issues detailed below: > > 1.) Denial of service via improperly validated commands > > In multiple places in-game commands are not properly validated that allow > remote attackers to cause a denial of service (crash) and possibly > execute arbitrary code via unspecified vectors. > > Vulnerability is present since 0.3.5 and will be fixed in the upcoming > 1.1.3 release. Issue report at http://bugs.openttd.org/task/4745 Use CVE-2011-3341 for the above. > > 2.) Buffer overflows in savegame loading > > In multiple places indices in savegames are not properly validated that > allow (remote) attackers to cause a denial of service (crash) and > possibly execute arbitrary code via unspecified vectors. > > Vulnerability is present since 0.1.0 and will be fixed in the upcoming > 1.1.3 release. Issue reports at http://bugs.openttd.org/task/4717 and > http://bugs.openttd.org/task/4748 Use CVE-2011-3342 for the above. > > 3.) Multiple buffer overflows in validation of external data > > In multiple places external data from the local file system isn't > properly checked before allocating memory, which could lead to buffer > overflows and arbitrary code execution. > > Vulnerability is present since 0.3.4 and will be fixed in the upcoming > 1.1.3 release. Issue reports at http://bugs.openttd.org/task/4746 and > http://bugs.openttd.org/task/4747 > Use CVE-2011-3343 for the above. Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.