Multiple buffer overflows in OpenTTD might allow for the execution of arbitrary code in the server.
Package | games-simulation/openttd on all architectures |
---|---|
Affected versions | < 0.6.3 |
Unaffected versions | >= 0.6.3 |
OpenTTD is a clone of Transport Tycoon Deluxe.
Multiple buffer overflows have been reported in OpenTTD: when storing long client names (CVE-2008-3547), in the TruncateString function in src/gfx.cpp (CVE-2008-3576), and in src/openttd.cpp when processing a large filename supplied to the "-g" parameter in the ttd_main function (CVE-2008-3577).
An authenticated attacker could exploit these vulnerabilities to execute arbitrary code with the privileges of the OpenTTD server.
There is no known workaround at this time.
All OpenTTD users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=games-simulation/openttd-0.6.3"
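To audit a host against the version range given in this advisory, the following added example (not part of the original advisory) classifies an OpenTTD version string as affected or unaffected. The function names `ver_lt` and `classify` are hypothetical, and the handling of Gentoo suffixes (`-rN` revisions, `_rc`-style pre-releases) is an assumption based on Gentoo's version ordering.

```shell
#!/bin/sh
# Added example: classify an OpenTTD version against the advisory's
# boundary ("< 0.6.3" affected, ">= 0.6.3" unaffected).
FIXED="0.6.3"

# ver_lt A B: succeed if dotted numeric version A is lower than B.
# Fields are compared as integers, so 0.6.10 is newer than 0.6.3.
ver_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$a" = "$x" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$y" ]; then b=""; else b=${b#*.}; fi
        x=${x:-0}; y=${y:-0}      # a missing field counts as 0
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1                      # equal versions are not "lower"
}

# classify VERSION: print "affected", "unaffected" or "unknown".
classify() {
    v=${1%-r[0-9]*}               # drop the ebuild revision (-r1)
    base=${v%%_*}                 # numeric part before _rc1, _beta2, _p1
    suffix=${v#"$base"}
    case $base in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return ;;
    esac
    if ver_lt "$base" "$FIXED"; then
        echo affected
    elif ver_lt "$FIXED" "$base"; then
        echo unaffected
    else
        # Same numeric version: pre-releases sort below the release.
        case $suffix in
            _alpha*|_beta*|_pre*|_rc*) echo affected ;;
            *) echo unaffected ;;
        esac
    fi
}

# Usage: pass the installed version as the first argument.
if [ $# -gt 0 ]; then classify "$1"; fi
```

A plain string comparison would misorder versions such as 0.6.10 and 0.6.3, which is why each field is compared numerically.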
Release date | March 07, 2009 |
---|---|
Latest revision | March 07, 2009: 01 |
Severity | high |
Exploitable | remote |
Bugzilla entries