Re: CVE request for OpenTTD

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/28/2012 04:53 AM, frosch wrote:
> > On 07/27/2012 03:42 PM, frosch wrote:
> > > Hello,
> > >
> > > we, the OpenTTD developers, have identified a security 
> > > vulnerability in OpenTTD (an open source game with
> > > multiplayer). Would you be so kind as to allocate a CVE id for
> > > this issue?
> > >
> > > The issue concerns a denial of service vulnerabilty which
> > > enables an attacker to force the server into an invalid game
> > > state. The server will abort upon detecting this state. This
> > > attack can be performed using an unmodified client via normal
> > > game interaction. The attack requires authorization, but most
> > > servers do not implement authorization. The first vulnerable
> > > version is 0.6.0, the upcoming 1.2.2 release will have the
> > > issue fixed.
> > >
> > > Once a CVE id is allocated, the issue and fix will be
> > > documented at http://security.openttd.org/CVE-2012-xxxx
> > >
> > > Thanks in advance, Christoph 'frosch' Elsenhans
> > >
> > > (Please CC me, I'm not subscribed)
> >
> > Sorry can you please provide links to an advisory, code commit,
> > or something so we have a reference?
> trunk commit: http://vcs.openttd.org/svn/changeset/24439/ Bug
> report: http://bugs.openttd.org/task/5254
>
> Later on http://security.openttd.org/CVE-2012-xxxx will supply
> patches for all vulnerable versions, and also link to the bug
> tracker and related commits.
>
> Regards

Perfect, thanks. Please use CVE-2012-3436 for this issue.

P.S. with respect to "In some cases ships could be covered with land."
couldn't the ship sail into a cave or over hanging cliff? ;)


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQFFsFAAoJEBYNRVNeJnmTkYsP/3ASyyww0GSXBDa/5ySEL64A
LoIsy9m+rxUU/5C1sRLLDTNehrJ2HE8/yaOeJU1TpBX9jY21jcBu9YLJgPK0i7tT
ameFOO11bn7zuQ7nssyB6Wo5QALivdhCX21sgN240oVCqse+h/zZkYYob2Xmc/Z0
QlgjUAxwtLB1t/z31WU4rRVu9Rp2ArHjCRpuHSuTco9e2SHUQ6UsZZnfK9DxhGx6
ZdXtw5Ts6LAMYXcNackrhnifEcSURPZXGgWc09qABfUYAyyrsncXwiRMDxrRad1o
zJR46C3xJW1T+3SV8tLbSEv8X2VlRifguVzF6JRUpDl0T6Xe0kjPkNa6lHJ9jmTn
CLrVxpdSnzuyII1iuaeuPUjd5jm5hCnhTyHOH/mZyb4gxOQ/GXiXRdz3bhn2wcFc
BT+23wMJxWXU50NnAsqUTahW9r/7V0y0xc5gzfg0YRvNb3MeSZiHTBKM+zzeDEHr
cUGfhHjof5Ad9YSSiRzwfwVXiP1eGoabJcQQGIdRmf0KG7S1y8GGT1xpT2J3Clnq
xygcbpUQQewaMenvyYm3OPtGz2i3yLITHZXMN7SBPL3P4RC1QFiLgSzqXfr0EGI+
zqRdoi4FdSkN4rtIbF0iAJ8gF/LawrqWJ136q+vlGcZOl6AlPShCgEek5s1unQ8n
CWWRtNMcc6cwJ4jES5Fm
=6xJd
-----END PGP SIGNATURE-----