Headline

CVE-2020-12066: Security update - 0.7.5 released (Page 1) — News — Teeworlds Forum

CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server.

4 years ago

CVE

Open in Source

#google

You are not logged in. Please login or register.

Active topics Unanswered topics

We’re currently pre-moderating each post due to excessive spamming happening every day. Your post won’t show up immediately, but will become visible within a day.

Pages 1

You must login or register to post a reply

1 2020-04-19 21:58:20

Topic: Security update - 0.7.5 released

An exploit was discovered, that allows to crash any 0.7 Teeworlds server. Though it does not compromise the security of the host (e.g. no arbitrary accesses in memory) it lets an attacker force a server to repetitively shut down (CVE-2020-12066).

The 0.7.5 release is a security update that aims to patch this server exploit. As such, it is very light in features, and is mostly made of fixes. You can find the full changelog here. If you are not a server host, it is not necessary to update. If you are hosting a server modification, you should at least consider to apply c68402fa7e2.

We are still working towards the next release, which will be 0.7.6.

Not Luck, Just Magic.

2 Reply by SpectorLand 2020-05-03 21:22:07