FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  368515
Date:      2014-09-18
Time:      19:53:09Z
Committer: madpilot

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1ac858b0-3fae-11e1-a127-0013d3ccd9dfOpenTTD -- Denial of service (server) via slow read attack

The OpenTTD Team reports:

Using a slow read type attack it is possible to prevent anyone from joining a server with virtually no resources. Once downloading the map no other downloads of the map can start, so downloading really slowly will prevent others from joining. This can be further aggravated by the pause-on-join setting in which case the game is paused and the players cannot continue the game during such an attack. This attack requires that the user is not banned and passes the authorization to the server, although for many servers there is no server password and thus authorization is easy.


Discovery 2012-01-06
Entry 2012-01-16
openttd
ge 0.3.5 lt 1.1.5

CVE-2012-0049
http://security.openttd.org/en/CVE-2012-0049
1ac858b0-3fae-11e1-a127-0013d3ccd9dfOpenTTD -- Denial of service (server) via slow read attack

The OpenTTD Team reports:

Using a slow read type attack it is possible to prevent anyone from joining a server with virtually no resources. Once downloading the map no other downloads of the map can start, so downloading really slowly will prevent others from joining. This can be further aggravated by the pause-on-join setting in which case the game is paused and the players cannot continue the game during such an attack. This attack requires that the user is not banned and passes the authorization to the server, although for many servers there is no server password and thus authorization is easy.


Discovery 2012-01-06
Entry 2012-01-16
openttd
ge 0.3.5 lt 1.1.5

CVE-2012-0049
http://security.openttd.org/en/CVE-2012-0049
0f62be39-e8e0-11e1-bea0-002354ed89bcOpenTTD -- Denial of Service

The OpenTTD Team reports:

Denial of service (server) using ships on half tiles and landscaping.


Discovery 2012-07-25
Entry 2012-08-18
openttd
le 1.2.1

CVE-2012-3436
http://security.openttd.org/en/CVE-2012-3436