Summary
This host is installed with OpenTTD and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow remote attackers to cause the application to fall into an infinite loop, denying service to legitimate users.
Impact Level: Application
Solution
Upgrade to the latest version of OpenTTD 1.0.3 or later, For updates refer to http://www.openttd.org
Insight
The flaw is due to the 'NetworkSyncCommandQueue()' function in 'src/network/network_command.cpp' not properly resetting the 'next' pointer, which can be exploited to trigger an endless loop and exhaust CPU resources when joining a server.
Affected
OpenTTD version 1.0.2 and prior.
References
Severity
Classification
-
CVE CVE-2010-2534 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities