Debian Security Advisory DSA 2386-1 (openttd) Network Vulnerability

Summary

The remote host is missing an update to openttd announced via advisory DSA 2386-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202386-1

Insight

Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service. For the oldstable distribution (lenny), this problem has been fixed in version 0.6.2-1+lenny4. For the stable distribution (squeeze), this problem has been fixed in version 1.0.4-4. For the unstable distribution (sid), this problem has been fixed in version 1.1.4-1. We recommend that you upgrade your openttd packages.

Severity

Classification

CVE CVE-2011-3341, CVE-2011-3342, CVE-2011-3343

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 095-1 (gpm)
Debian Security Advisory DSA 098-1 (libgtop)
Debian Security Advisory DSA 061-1 (gnupg)
Debian Security Advisory DSA 1038-1 (xzgv)
Debian Security Advisory DSA 047-1 (various kernel packages)

Take action and discover your vulnerabilities