Saturday, 18 April 2015

New Leak Can Crash 115,000 Minecraft Servers

A security researcher has published found vulnerability in Minecraft after nearly two years in 2013, allowing an attacker can certainly crash 115,000 Minecraft servers. Ammar Askar warned on July 28, 2013 Minecraft developer Mojang for a vulnerability in the popular game, more globally than 100 million registered players.

By sending to make a simple package, it was possible to let Minecraft-servers crash. As proof Askar also developed an exploit. Despite repeated attempts to contact an update remained, making the researcher, now almost two years later, has revealed the leak. The original vulnerability was discovered in version 1.6.2. Meanwhile 1.8.3 the latest version and this version is also vulnerable.

Research by the Shodan search engine that took place in late March this year, shows that worldwide certainly 115,000 Minecraft servers are online. Blog Posting of Askar in which he revealed the vulnerability also provided the necessary attention and brought him back into contact with developer Mojang. The company said work on an update. A previous solution would not have solved the problem, but Askar think Mojang had no solution developed, as he had sent an exploit to test his bug message.

Yet in retrospect, he suggests that he probably should have given the company a final warning before he revealed the vulnerability. "A combination of miscommunication and lack of testing led to this situation. Hopefully it's a good learning experience," says the researcher.

No comments:

Post a Comment