OpenTTD 'NetworkSyncCommandQueue()' Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with OpenTTD and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow remote attackers to cause the application to fall into an infinite loop, denying service to legitimate users. Impact Level: Application

Solution

Upgrade to the latest version of OpenTTD 1.0.3 or later, For updates refer to http://www.openttd.org

Insight

The flaw is due to the 'NetworkSyncCommandQueue()' function in 'src/network/network_command.cpp' not properly resetting the 'next' pointer, which can be exploited to trigger an endless loop and exhaust CPU resources when joining a server.

Affected

OpenTTD version 1.0.2 and prior.

References

http://secunia.com/advisories/40630
http://security.openttd.org/en/CVE-2010-2534
http://www.vupen.com/english/advisories/2010/1888
http://xforce.iss.net/xforce/xfdb/60568

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2534
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Connect back to SOCKS5 server
F-PROT Antivirus Multiple Vulnerabilities
chm2pdf Insecure Temporary File Creation or DoS Vulnerability
DB2 discovery service DOS
Apache Tomcat Content-Type Header Denial Of Service Vulnerability

OpenTTD 'NetworkSyncCommandQueue()' Denial of Service Vulnerability

Take action and discover your vulnerabilities