HomeGamesUpdatesPricingMethodology
Steam News9 January 201511y ago

Server exploit disclosure (2 vunerabilities, workarounds and fixes available)

(cross posted from the forums ) A vulnerability has been discovered in the Starbound server executable that allows writing non-arbitrary data to an arbitrary file that the user running the starbound_server executable ha

Full notes

Full Starbound update

Read the full published notes in a cleaner layout. The original post stays linked below.

What changed

1 fix0 additions0 changes0 removals
  • Security
fixed(cross posted from the forums ) A vulnerability has been discovered in the Starbound server executable that allows writing non-arbitrary data to an arbitrary file that the user running the starbound_server executable has permissions to write to. The mechanics of this vulnerability involves incorrectly validating sector names from the client. This vulnerability affects versions Enraged Koala and lower. It is fixed in the current unstable and the current nightly. To workaround this issue run the server under a heavily restricted user account. Unfortunately, it is still possible to denial of service attack a server using the workaround. Thanks goes to members of the ##starbound-modding IRC channel for bringing this issue to our attention. A vulnerability has been discovered in the Starbound server executable that allows players to gain admin privileges if they have been in the same area as an admin user. The mechanics of this vulnerability involves cloning the uuid of the admin player. This vulnerability affects all current versions; however, has been fixed in our repository and any nightly version dated after Jan 9 should be immune. To workaround, un /admin yourself before logging out. If you have logged out as /admin the last time you logged out, simply log in and un /admin yourself and log out. This exploit only functions if were an admin the last time you logged out or you were an /admin the last time an automatic store was running and haven't logged out yet. To find out if you are currently an admin you may type: "/whoami" More specific technical details will be forthcoming after the next stable update.

(cross posted from the forums ) A vulnerability has been discovered in the Starbound server executable that allows writing non-arbitrary data to an arbitrary file that the user running the starbound_server executable has permissions to write to. The mechanics of this vulnerability involves incorrectly validating sector names from the client. This vulnerability affects versions Enraged Koala and lower. It is fixed in the current unstable and the current nightly. To workaround this issue run the server under a heavily restricted user account. Unfortunately, it is still possible to denial of service attack a server using the workaround. Thanks goes to members of the ##starbound-modding IRC channel for bringing this issue to our attention. A vulnerability has been discovered in the Starbound server executable that allows players to gain admin privileges if they have been in the same area as an admin user. The mechanics of this vulnerability involves cloning the uuid of the admin player. This vulnerability affects all current versions; however, has been fixed in our repository and any nightly version dated after Jan 9 should be immune. To workaround, un /admin yourself before logging out. If you have logged out as /admin the last time you logged out, simply log in and un /admin yourself and log out. This exploit only functions if were an admin the last time you logged out or you were an /admin the last time an automatic store was running and haven't logged out yet. To find out if you are currently an admin you may type: "/whoami" More specific technical details will be forthcoming after the next stable update.

Source

Steam News / 9 January 2015

Open original post

Changelog.gg summarizes and formats this update. How we read updates.