SLikeSoft / SLikeNet

SLikeNet™ is an Open Source/Free Software cross-platform network engine written in C++ and specifically designed for games (and applications which have comparable requirements on a network engine like games) building upon the discontinued RakNet network engine which had more than 13 years of active development.
https://www.slikenet.com/

DOS vulnerability (?) #32

Closed Daniel-Cortez closed 6 years ago

Daniel-Cortez commented 6 years ago

Hello.

In 2014 @8artek0v0 reported a DOS vulnerability to the RakNet developer(s), which was supposed to be fixed in https://github.com/facebookarchive/RakNet/commit/e97c4bb005ad5d98ceb04298e9921781720a1dca. However, it wasn't fixed completely, as described here: https://github.com/facebookarchive/RakNet/issues/102

Is this vulnerability somehow addressed in SLikeNet?

Luke1410 commented 6 years ago

Let me get back to you on this. I'll prioritize the https://github.com/facebookarchive/RakNet/issues/102 issue now.

Luke1410 commented 6 years ago

Nope, the "vulnerability" has not been completely resolved yet. The special case as described in the referenced RakNet issue https://github.com/facebookarchive/RakNet/issues/102 is something I'll fix directly, since it's an obvious fix (please let me know if you'd like it to be integrated immediately in the GitHub repository - otherwise I'll commit it once we have added an appropriate test case to verify it's working as intended).

To resolve the described vulnerability in the issue, it'll require a bit more work (incl. extending our tests which currently don't detect the vulnerability). I'll prioritize this task now as the next issue to resolve after some of the pending issues/pull requests throughout RakNet.

Daniel-Cortez commented 6 years ago

Thanks. While I'm not actually using SLikeNet myself (it was a friend who was going to migrate one of their projects from RakNet to SLikeNet and asked me to report this vulnerability), I still think it would be better to have the fix in the repo as soon as it's done.

Luke1410 commented 6 years ago

We just committed the obvious fix for the uint24_t max case resulting in an endless loop (available in the SVN repository and the GitHub repository). The remaining issue(s) are on the list of things to resolve for the next version. Internal case number SLNET-194 / SLNET-204.

Luke1410 commented 6 years ago

Just to give a quick heads up: We are now working on this issue. We made several changes to the area and are currently testing/reviewing them to ensure this completely resolves this DOS attack vector.

Luke1410 commented 6 years ago

We are going to release an unplanned hotfix of SLikeNet due to this exploit (SLikeNet 0.1.2) and will also provide a pull request to RakNet (for those who are staying with RakNet). We are currently targeting a release on 2018-05-06. If you need an urgent fix, feel free to contact us by mail at support@slikesoft.com.

This exploit has the following CVSS score:
base score: 7.5
temporal score: 7.2 (7.5 until SLikeNet 0.1.2 is released)
overall score: 7.2 (7.5 until SLikeNet 0.1.2 is released)
CVSS v3 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C

Since SLikeNet/RakNet are libraries, there's no CVSS environmental score (since that score heavily depends on how/where the library is utilized).

Luke1410 commented 6 years ago

SLikeNet 0.1.2 which resolves the issues (SLNET-194, SLNET-204) is available now at https://www.slikenet.com/ or here on GitHub at https://github.com/SLikeSoft/SLikeNet/releases/v.0.1.2 .