Teeworlds 0.6.5 Vulnerability: Connection Packet Forgery and Server Slot Occupation
CVE-2018-18541 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
Learn more about our Cis Benchmark Audit For Server Software.