Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 300175 (CVE-2009-4007)

Summary: <games-simulation/openttd-0.7.5 Wagon/Dual headed engine (yay!) DoS (CVE-2009-4007)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: games
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.openttd.org/en/news/112
Whiteboard: B3 [noglsa]
Package list:
Runtime testing required: ---
Bug Depends on: 300182    
Bug Blocks:    

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 16:12:35 UTC 
CVE-2009-4007 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4007):
  Unspecified vulnerability in the NormaliseTrainConsist function in
  src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers
  to cause a denial of service (daemon crash) via certain game actions
  involving a wagon and a dual-headed engine.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2010-03-06 17:02:21 UTC 
Hi games, can openttd go stable?
Comment 2 Denilson Sá Maia 2010-07-17 17:33:02 UTC 
I think this bug can be closed... Current portage versions are 1.0.1 and 1.0.2
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2010-08-01 13:25:56 UTC 
DOS in game -> closing noglsa.