CVE-2018-18541 - Vulnerability Details - OpenCVE

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Teeworlds	Teeworlds

Configuration 1 [-]

cpe:2.3:a:teeworlds:teeworlds:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html
https://bugs.debian.org/911487
https://github.com/teeworlds/teeworlds/issues/1536
https://teeworlds.com/?page=news&id=12544
https://www.debian.org/security/2018/dsa-4329

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-10-20T22:00:00

Updated: 2024-08-05T11:15:59.691Z

Reserved: 2018-10-20T00:00:00

Link: CVE-2018-18541

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-10-20T22:29:00.263

Modified: 2024-11-21T03:56:07.290

Link: CVE-2018-18541

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-10-20T00:00:00", "descriptions": [{"lang": "en", "value": "In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-24T17:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://teeworlds.com/?page=news&id=12544"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/teeworlds/teeworlds/issues/1536"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/911487"}, {"name": "DSA-4329", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4329"}, {"name": "openSUSE-SU-2019:1793", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"}, {"name": "openSUSE-SU-2019:1999", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-18541", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://teeworlds.com/?page=news&id=12544", "refsource": "MISC", "url": "https://teeworlds.com/?page=news&id=12544"}, {"name": "https://github.com/teeworlds/teeworlds/issues/1536", "refsource": "MISC", "url": "https://github.com/teeworlds/teeworlds/issues/1536"}, {"name": "https://bugs.debian.org/911487", "refsource": "MISC", "url": "https://bugs.debian.org/911487"}, {"name": "DSA-4329", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4329"}, {"name": "openSUSE-SU-2019:1793", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"}, {"name": "openSUSE-SU-2019:1999", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T11:15:59.691Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://teeworlds.com/?page=news&id=12544"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/teeworlds/teeworlds/issues/1536"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/911487"}, {"name": "DSA-4329", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4329"}, {"name": "openSUSE-SU-2019:1793", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"}, {"name": "openSUSE-SU-2019:1999", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-18541", "datePublished": "2018-10-20T22:00:00", "dateReserved": "2018-10-20T00:00:00", "dateUpdated": "2024-08-05T11:15:59.691Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:teeworlds:teeworlds:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9337E18-0286-4AC0-80DA-E077040674F9", "versionEndExcluding": "0.6.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets."}, {"lang": "es", "value": "En Teeworlds en versiones anteriores a la 0.6.5, podr\u00edan falsificarse paquetes de conexi\u00f3n. No ha habido un desaf\u00edo-respuesta involucrado en el build up de conexi\u00f3n. Un atacante remoto podr\u00eda enviar paquetes de conexi\u00f3n desde una direcci\u00f3n IP suplantada y ocupar todos los slots del servidor o emplearlos para un ataque de reflexi\u00f3n mediante paquetes de descarga de mapas."}], "id": "CVE-2018-18541", "lastModified": "2024-11-21T03:56:07.290", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-20T22:29:00.263", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://bugs.debian.org/911487"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/teeworlds/teeworlds/issues/1536"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://teeworlds.com/?page=news&id=12544"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4329"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://bugs.debian.org/911487"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/teeworlds/teeworlds/issues/1536"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://teeworlds.com/?page=news&id=12544"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4329"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}