Vulnerabilities > CVE-2010-0406 - Resource Management Errors vulnerability in Openttd
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2010-7895.NASL description Fixes security issues CVE-2010-0401, CVE-2010-0402 and CVE-2010-0406. * http://security.openttd.org/en/CVE-2010-0401 * http://security.openttd.org/en/CVE-2010-0402 * http://security.openttd.org/en/CVE-2010-0406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47477 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47477 title Fedora 13 : openttd-1.0.1-1.fc13 (2010-7895) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2010-7895. # include("compat.inc"); if (description) { script_id(47477); script_version("1.11"); script_cvs_date("Date: 2019/08/02 13:32:33"); script_bugtraq_id(39869, 39871, 39874); script_xref(name:"FEDORA", value:"2010-7895"); script_name(english:"Fedora 13 : openttd-1.0.1-1.fc13 (2010-7895)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Fixes security issues CVE-2010-0401, CVE-2010-0402 and CVE-2010-0406. * http://security.openttd.org/en/CVE-2010-0401 * http://security.openttd.org/en/CVE-2010-0402 * http://security.openttd.org/en/CVE-2010-0406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"http://security.openttd.org/en/CVE-2010-0401" ); script_set_attribute( attribute:"see_also", value:"http://security.openttd.org/en/CVE-2010-0402" ); script_set_attribute( attribute:"see_also", value:"http://security.openttd.org/en/CVE-2010-0406" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-May/040750.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?38169466" ); script_set_attribute( attribute:"solution", value:"Update the affected openttd package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openttd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13"); script_set_attribute(attribute:"patch_publication_date", value:"2010/05/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^13([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC13", reference:"openttd-1.0.1-1.fc13")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openttd"); }NASL family Fedora Local Security Checks NASL id FEDORA_2010-7885.NASL description Fixes security issues CVE-2010-0401, CVE-2010-0402 and CVE-2010-0406. * http://security.openttd.org/en/CVE-2010-0401 * http://security.openttd.org/en/CVE-2010-0402 * http://security.openttd.org/en/CVE-2010-0406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47476 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47476 title Fedora 11 : openttd-1.0.1-1.fc11 (2010-7885) NASL family Fedora Local Security Checks NASL id FEDORA_2010-7800.NASL description Fixes security issues CVE-2010-0401, CVE-2010-0402 and CVE-2010-0406. * http://security.openttd.org/en/CVE-2010-0401 * http://security.openttd.org/en/CVE-2010-0402 * http://security.openttd.org/en/CVE-2010-0406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47473 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47473 title Fedora 12 : openttd-1.0.1-1.fc12 (2010-7800)