Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD373E412E-F748-11DF-96CD-0015F2DB7BDE
HistoryNov 20, 2010 - 12:00 a.m.

OpenTTD -- Denial of service (server/client) via invalid read

2010-11-2000:00:00
vuxml.freebsd.org
11

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.033 Low

EPSS

Percentile

91.2%

JSON

The OpenTTD Team reports:

When a client disconnects, without sending the “quit” or
“client error” message, the server has a chance of reading and
writing a just freed piece of memory. The writing can only
happen while the server is sending the map. Depending on what
happens directly after freeing the memory there is a chance of
segmentation fault, and thus a denial of service.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenttd= 1.0.0UNKNOWN
FreeBSDanynoarchopenttd< 1.0.5UNKNOWN

Related

fedora 3
prion 1
cve 1
debiancve 1
openvas 12
ubuntucve 1
nessus 4
securityvulns 2
gentoo 1
fedora
fedora
[SECURITY] Fedora 14 Update: openttd-1.0.5-1.fc14
2010-12-13 20:06:48
[SECURITY] Fedora 13 Update: openttd-1.0.5-1.fc13
2010-12-13 20:05:56
[SECURITY] Fedora 14 Update: openttd-1.1.3-1.fc14
2011-09-19 22:58:48
prion
prion
Design/Logic Flaw
2010-11-17 16:00:00
cve
cve
CVE-2010-4168
2010-11-17 16:00:00
debiancve
debiancve
CVE-2010-4168
2010-11-17 16:00:00
openvas
openvas
FreeBSD Ports: openttd
2011-01-24 00:00:00
Fedora Update for openttd FEDORA-2010-18572
2010-12-28 00:00:00
OpenTTD Multiple use-after-free Denial of Service vulnerability
2010-11-30 00:00:00
ubuntucve
ubuntucve
CVE-2010-4168
2010-11-17 00:00:00
nessus
nessus
FreeBSD : OpenTTD -- Denial of service (server/client) via invalid read (373e412e-f748-11df-96cd-0015f2db7bde)
2010-11-24 00:00:00
Fedora 13 : openttd-1.0.5-1.fc13 (2010-18571)
2010-12-14 00:00:00
Fedora 14 : openttd-1.0.5-1.fc14 (2010-18572)
2010-12-14 00:00:00
securityvulns
securityvulns
OpenTTD DoS
2011-11-21 00:00:00
[ GLSA 201111-03 ] OpenTTD: Multiple vulnerabilities
2011-11-21 00:00:00
gentoo
gentoo
OpenTTD: Multiple vulnerabilities
2011-11-11 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.033 Low

EPSS

Percentile

91.2%

JSON
Related for 373E412E-F748-11DF-96CD-0015F2DB7BDE
fedora3prion1cve1debiancve1openvas12ubuntucve1nessus4securityvulns2gentoo1