FreeBSD : OpenTTD -- Denial of service (server/client) via invalid read (373e412e-f748-11df-96cd-0015f2db7bde)

Medium Nessus Plugin ID 50699


The remote FreeBSD host is missing a security-related update.


The OpenTTD Team reports :

When a client disconnects, without sending the 'quit' or 'client error' message, the server has a chance of reading and writing a just freed piece of memory. The writing can only happen while the server is sending the map. Depending on what happens directly after freeing the memory there is a chance of segmentation fault, and thus a denial of service.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 50699

File Name: freebsd_pkg_373e412ef74811df96cd0015f2db7bde.nasl

Version: $Revision: 1.5 $

Type: local

Published: 2010/11/24

Modified: 2013/06/21

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:openttd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2010/11/23

Vulnerability Publication Date: 2010/11/20

Reference Information

CVE: CVE-2010-4168