September 28, 2016

OpenTTD: Open Source Game Vulnerabilities Could Lead to Arbitrary Code Execution

(LiveHacking.Com) – The developers of OpenTTD, the open source game based upon the popular Microprose game “Transport Tycoon Deluxe”, have found three potentially dangerous vulnerabilities that could allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

The details given are as follows:

  1. Denial of service via improperly validated commands – In multiple places in-game commands are not properly validated that allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
  2. Buffer overflows in savegame loading – In multiple places indices in savegames are not properly validated that allow (remote) attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
  3. Multiple buffer overflows in validation of external data – In multiple places external data from the local file system isn’t properly checked before allocating memory, which could lead to buffer overflows and arbitrary code execution.

These vulnerabilities have been present in the game since near its beginning with one bug present in version 0.1.0 of the code. All three problems will be fixed in the 1.1.3 release with a release candidate  already available.