Информационная безопасность
[RU] switch to English


DoS условия в OpenTTD
дополнено с 21 ноября 2011 г.
Опубликовано:21 ноября 2011 г.
Источник:
SecurityVulns ID:12049
Тип:удаленная
Уровень опасности:
3/10
Описание:Многочисленные DoS-условия.
CVE:CVE-2011-3343 (Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.)
 CVE-2011-3342 (Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.)
 CVE-2011-3341 (Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.)
 CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.)
Оригинальный текстdocumentGENTOO, [ GLSA 201111-03 ] OpenTTD: Multiple vulnerabilities (21.11.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород