[ GLSA 200509-03 ] OpenTTD: Format string vulnerabilities

From: Stefan Cornelius (dercorny_at_gentoo.org)
Date: 09/05/05

  • Next message: garaged: "Re: CMS Made Simple <= 0.10 - PHP injection" 
    Date: Mon, 05 Sep 2005 18:14:18 +0200
To: gentoo-announce@lists.gentoo.org

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory GLSA 200509-03
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                http://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      Severity: High
         Title: OpenTTD: Format string vulnerabilities
          Date: September 05, 2005
          Bugs: #102631
            ID: 200509-03

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Synopsis
    ========

    OpenTTD is vulnerable to format string vulnerabilities which may result
    in remote execution of arbitrary code.

    Background
    ==========

    OpenTTD is an open source clone of the simulation game "Transport
    Tycoon Deluxe" by Microprose.

    Affected packages
    =================

        -------------------------------------------------------------------
         Package / Vulnerable / Unaffected
        -------------------------------------------------------------------
      1 games-simulation/openttd < 0.4.0.1-r1 >= 0.4.0.1-r1

    Description
    ===========

    Alexey Dobriyan discovered several format string vulnerabilities in
    OpenTTD.

    Impact
    ======

    A remote attacker could exploit these vulnerabilities to crash the
    OpenTTD server or client and possibly execute arbitrary code with the
    rights of the user running OpenTTD.

    Workaround
    ==========

    There are no known workarounds at this time.

    Resolution
    ==========

    All OpenTTD users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose
    ">=games-simulation/openttd-0.4.0.1-r1"

    References
    ==========

      [ 1 ] CAN-2005-2763
            http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2763

    Availability
    ============

    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:

      http://security.gentoo.org/glsa/glsa-200509-03.xml

    Concerns?
    =========

    Security is a primary focus of Gentoo Linux and ensuring the
    confidentiality and security of our users machines is of utmost
    importance to us. Any security concerns should be addressed to
    security@gentoo.org or alternatively, you may file a bug at
    http://bugs.gentoo.org.

    License
    =======

    Copyright 2005 Gentoo Foundation, Inc; referenced text
    belongs to its owner(s).

    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.0

  • Next message: garaged: "Re: CMS Made Simple <= 0.10 - PHP injection"

    Relevant Pages
    Loading