Cuberite Forum

Full Version: How secure is MCServer?
With the recent OpenSSL vulnerability arising out of a failure to verify a length, I wonder, how secure is MCS?

Do we have any similar vulnerabilities that will allow someone to change their permissions? Modify webadmin settings? Explode the server? Explode the actual server? Explode the datacentre? Explode the country of the datacentre?

Has anyone ever used this emoticon? Angry
I'm afraid we have way too many of such vulnerabilities, but I highly doubt any of them would do much more than crash the server. Most of the protocol stuff is really brittle, it just assumes that the client is sending the correct data with reasonably-limited sizes.
What about Heartbleed, MC edition?

[Image: Heartbleed_Nightmare.jpg]
[Image: f7877e57_faceWUT.jpeg]
If you are concerned about Heartbleed-style bugs, log into Coverity. They have developed a checker for Heartbleed-style bugs in the aftermath so other projects can check for them. We currently have 7 outstanding places where we do exactly what went wrong in Heartbleed.

If you want to fix them Wink
(06-13-2014, 05:13 AM)worktycho Wrote: If you want to fix them Wink

feature not bug

In all seriousness, where is this checker?
The checker is called tainted scalar. The bug categories are untrusted value in loop bound and untrusted value as argument.
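
[Added example, not part of the original thread and not Cuberite code: a minimal C illustration of the "untrusted value as argument" pattern named above, with the unchecked copy beside a bounds-checked one. The 2-byte length-prefixed packet format, the reused receive buffer and all names (recv_buf, echo_unchecked, echo_checked, try_echo) are assumptions made for the illustration.]

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RECV_BUF_SIZE 64
#define LEAKED (-2L)

/* Reused receive buffer: only the first `received` bytes are the current packet. */
typedef struct { uint8_t data[RECV_BUF_SIZE]; size_t received; } recv_buf;
typedef long (*echo_fn)(const recv_buf *, uint8_t *, size_t);

/* Vulnerable: the client's length field (tainted scalar) is the memcpy size. */
static long echo_unchecked(const recv_buf *rb, uint8_t *out, size_t out_cap)
{
    size_t claimed = ((size_t)rb->data[0] << 8) | rb->data[1];
    (void)out_cap;
    memcpy(out, rb->data + 2, claimed);
    return (long)claimed;
}

/* Hardened: the length is validated against what arrived and the output size. */
static long echo_checked(const recv_buf *rb, uint8_t *out, size_t out_cap)
{
    if (rb->received < 2 || rb->received > RECV_BUF_SIZE) return -1;
    size_t claimed = ((size_t)rb->data[0] << 8) | rb->data[1];
    if (claimed > rb->received - 2 || claimed > out_cap) return -1;
    memcpy(out, rb->data + 2, claimed);
    return (long)claimed;
}

/* Constructed sample: stale bytes from an earlier packet, then a new packet whose
   header claims `claimed` payload bytes although only "abc" (3 bytes) arrived. */
static void make_sample(recv_buf *rb, uint16_t claimed)
{
    memset(rb, 0, sizeof *rb);
    memcpy(rb->data, "0123456789STALE-TOKEN", 21);
    rb->data[0] = (uint8_t)(claimed >> 8);
    rb->data[1] = (uint8_t)(claimed & 0xff);
    memcpy(rb->data + 2, "abc", 3);
    rb->received = 5;
}

/* Returns the reply length, -1 if rejected, LEAKED if stale bytes were echoed. */
static long try_echo(echo_fn fn, uint16_t claimed)
{
    recv_buf rb; uint8_t out[RECV_BUF_SIZE] = {0};
    make_sample(&rb, claimed);
    long n = fn(&rb, out, sizeof out);
    return (n >= 19 && memcmp(out + 8, "STALE-TOKEN", 11) == 0) ? LEAKED : n;
}

int main(void)
{
    printf("unchecked, claims 20: %ld\n", try_echo(echo_unchecked, 20));
    printf("checked,   claims 20: %ld\n", try_echo(echo_checked, 20));
    printf("checked,   claims 3:  %ld\n", try_echo(echo_checked, 3));
    return 0;
}
```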
Useful information, thanks everyone.

Perhaps there should be a "known vulnerabilities" article somewhere.
These are not known vulnerabilities. They're known potential vulnerabilities. They don't become known vulnerabilities until someone works out how to exploit them.
Call them what you want, "Potential vulnerabilities" is also fine to me.

"They don't become known vulnerabilities until someone works out how to exploit them."

That's just plain terminology. Firefox lists your definition of "potential vulnerabilities" as "known vulnerabilities".
Check this out: https://www.mozilla.org/security/known-v...refox.html
Most -and maybe all- of these don't have a ready-to-use exploit, yet they're "known".

Like I said, I don't mind what you call them.