Back to search
CVE-2018-18541
Published: Oct 20, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://teeworlds.com/?page=news&id=12544
x_refsource_MISC
https://github.com/teeworlds/teeworlds/issues/1536
x_refsource_MISC
https://bugs.debian.org/911487
x_refsource_MISC
DSA-4329
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2019:1793
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2019:1999
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now