Vulnerabilities > CVE-2009-4007 - Unspecified vulnerability in Openttd
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN openttd
nessus
Summary
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2010-0144.NASL description CVE-2009-4007 (game server remote crash) http://www.openttd.org/en/news/112 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47175 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47175 title Fedora 11 : openttd-0.7.5-1.fc11 (2010-0144) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2010-0144. # include("compat.inc"); if (description) { script_id(47175); script_version("1.10"); script_cvs_date("Date: 2019/08/02 13:32:30"); script_cve_id("CVE-2009-4007"); script_bugtraq_id(37487); script_xref(name:"FEDORA", value:"2010-0144"); script_name(english:"Fedora 11 : openttd-0.7.5-1.fc11 (2010-0144)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "CVE-2009-4007 (game server remote crash) http://www.openttd.org/en/news/112 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"http://www.openttd.org/en/news/112" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a9263125" ); script_set_attribute( attribute:"solution", value:"Update the affected openttd package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openttd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:11"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^11([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 11.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC11", reference:"openttd-0.7.5-1.fc11")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openttd"); }NASL family Fedora Local Security Checks NASL id FEDORA_2010-0135.NASL description CVE-2009-4007 (game server remote crash) http://www.openttd.org/en/news/112 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47174 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47174 title Fedora 12 : openttd-0.7.5-1.fc12 (2010-0135) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2010-0135. # include("compat.inc"); if (description) { script_id(47174); script_version("1.10"); script_cvs_date("Date: 2019/08/02 13:32:30"); script_cve_id("CVE-2009-4007"); script_bugtraq_id(37487); script_xref(name:"FEDORA", value:"2010-0135"); script_name(english:"Fedora 12 : openttd-0.7.5-1.fc12 (2010-0135)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "CVE-2009-4007 (game server remote crash) http://www.openttd.org/en/news/112 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"http://www.openttd.org/en/news/112" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9c20fef9" ); script_set_attribute( attribute:"solution", value:"Update the affected openttd package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openttd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:12"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^12([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 12.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC12", reference:"openttd-0.7.5-1.fc12")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openttd"); }
References
- http://binaries.openttd.org/releases/0.7.5/changelog.txt
- http://binaries.openttd.org/releases/0.7.5/changelog.txt
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033754.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033896.html
- http://osvdb.org/61356
- http://osvdb.org/61356
- http://secunia.com/advisories/37929
- http://secunia.com/advisories/37929
- http://secunia.com/advisories/37984
- http://secunia.com/advisories/37984
- http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp
- http://vcs.openttd.org/svn/changeset/18462/trunk/src/train_cmd.cpp
- http://www.openttd.org/en/news/112
- http://www.openttd.org/en/news/112
- http://www.openwall.com/lists/oss-security/2009/12/24/1
- http://www.openwall.com/lists/oss-security/2009/12/24/1
- http://www.securityfocus.com/bid/37487
- http://www.securityfocus.com/bid/37487
- http://www.vupen.com/english/advisories/2009/3645
- http://www.vupen.com/english/advisories/2009/3645