PT-2007-5703 · Soldat · Soldat Dedicated Server

Published: 2007-08-25 · Updated: 2018-10-15 · CVE-2007-4532

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Soldat game server versions 1.4.2 and earlier
Soldat dedicated server versions 2.6.2 and earlier

Description

The issue allows remote attackers to cause a denial of service, specifically a client lockout, by sending a series of UDP join packets from a spoofed IP address. This action triggers the temporary blacklisting of the spoofed IP address.

Recommendations

For Soldat game server versions 1.4.2 and earlier, consider implementing IP address validation to prevent spoofing. For Soldat dedicated server versions 2.6.2 and earlier, restrict UDP join packets from unknown sources to minimize the risk of exploitation. As a temporary workaround, consider disabling the UDP join functionality until a patch is available.
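One way to implement the IP address validation recommended above, as an added example that is not Soldat's code: join packets count toward the temporary blacklist only after the source has echoed a stateless HMAC cookie, so packets with a spoofed source address never touch the per-IP counters. The class `JoinGate`, its constants and its return strings are hypothetical, and Soldat's actual wire protocol is not modelled.

```python
import hashlib
import hmac
import os
import time

# All constants are assumed values for illustration, not Soldat's settings.
BUCKET_SECONDS = 30   # cookie validity granularity
WINDOW_SECONDS = 10   # flood-detection window
MAX_JOINS = 5         # verified joins allowed per window
BAN_SECONDS = 60      # temporary blacklist duration


class JoinGate:
    """Flood protection that only counts joins from verified source addresses."""

    def __init__(self, secret=None):
        self.secret = secret or os.urandom(32)
        self.joins = {}    # ip -> timestamps of verified joins
        self.banned = {}   # ip -> ban expiry time

    def cookie(self, ip, port, now):
        # Stateless challenge: only a host that receives replies sent to
        # ip:port can learn this value and echo it back.
        bucket = int(now // BUCKET_SECONDS)
        msg = f"{ip}|{port}|{bucket}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).digest()[:8]

    def _cookie_ok(self, ip, port, cookie, now):
        # Accept the current and previous bucket to tolerate rollover.
        return any(
            hmac.compare_digest(cookie, self.cookie(ip, port, now - age))
            for age in (0, BUCKET_SECONDS)
        )

    def handle_join(self, ip, port, cookie=None, now=None):
        now = time.time() if now is None else now
        if self.banned.get(ip, 0) > now:
            return "banned"
        if cookie is None or not self._cookie_ok(ip, port, cookie, now):
            # Unverified source: answer with a challenge, record nothing.
            return "challenge"
        recent = [t for t in self.joins.get(ip, []) if now - t < WINDOW_SECONDS]
        recent.append(now)
        self.joins[ip] = recent
        if len(recent) > MAX_JOINS:
            self.banned[ip] = now + BAN_SECONDS
            return "banned"
        return "accepted"
```

The challenge reply should be no larger than the join packet that triggered it, so the server cannot be used to reflect amplified traffic at the spoofed address.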


Related Identifiers

CVE-2007-4532

Affected Products

Soldat Dedicated Server
Soldat Game Server