GLSA-201705-13 : Teeworlds: Remote execution of arbitrary code on client
High Nessus Plugin ID 100445
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201705-13 (Teeworlds: Remote execution of arbitrary code on client)
Teeworlds client contains a vulnerability allowing a malicious server to execute arbitrary code, or write to arbitrary physical memory via the CClient::ProcessServerPacket method.
A remote malicious server can write to arbitrary physical memory locations and possibly execute arbitrary if a vulnerable client joins the server.
There is no known workaround at this time.
SolutionAll Teeworlds users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=games-action/teeworlds-0.6.4:0'