CVE-2018-18541

Name: CVE-2018-18541
Description: In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DSA-4329-1
Debian Bugs: 911487

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package    Release                       Version               Status
teeworlds (PTS)   jessie                        0.6.2+dfsg-2          vulnerable
teeworlds         stretch (security), stretch   0.6.5+dfsg-1~deb9u1   fixed
teeworlds         buster, sid                   0.7.0-1               fixed

The information below is based on the following data on fixed versions.

Package     Type     Release      Fixed Version         Urgency       Origin       Debian Bugs
teeworlds   source   (unstable)   0.7.0-1                                          911487
teeworlds   source   jessie       (unfixed)             end-of-life
teeworlds   source   stretch      0.6.5+dfsg-1~deb9u1                 DSA-4329-1

Notes

[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
https://www.teeworlds.com/forum/viewtopic.php?id=12544
https://github.com/teeworlds/teeworlds/issues/1536
https://github.com/teeworlds/teeworlds/commit/a263185571903ead01f6b351a91ea219ac9d215f
https://github.com/teeworlds/teeworlds/commit/aababc63eeeee1bc41672502ca6c7a1dd9f61d94
https://github.com/teeworlds/teeworlds/commit/f5fa1a92ed81ed8da721e803a036b1553a38e39e
