Vulnerabilities > CVE-2006-1999 - Denial Of Service vulnerability in Openttd 0.4.7
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | OpenTTD. CVE-2006-1998,CVE-2006-1999. Dos exploits for multiple platform |
id | EDB-ID:1709 |
last seen | 2016-01-31 |
modified | 2006-04-23 |
published | 2006-04-23 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/1709/ |
title | OpenTTD <= 0.4.7 - multiple vulnerabilities Denial of Service Exploit |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200609-03.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200609-03 (OpenTTD: Remote Denial of Service) OpenTTD is vulnerable to a Denial of Service attack due to a flaw in the manner the game server handles errors in command packets. Impact : An authenticated attacker can cause a Denial of Service by sending an invalid error number to a vulnerable OpenTTD server. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 22325 |
published | 2006-09-12 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/22325 |
title | GLSA-200609-03 : OpenTTD: Remote Denial of Service |
code |
|
References
- http://aluigi.altervista.org/adv/openttdx-adv.txt
- http://secunia.com/advisories/19768
- http://secunia.com/advisories/21799
- http://security.gentoo.org/glsa/glsa-200609-03.xml
- http://www.securityfocus.com/archive/1/431871/100/0/threaded
- http://www.securityfocus.com/bid/17661
- http://www.vupen.com/english/advisories/2006/1480
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26004