this post was submitted on 29 Jul 2023
40 points (95.5% liked)

Minecraft

4313 readers
1 users here now

Welcome to the Minecraft community on Lemmy and Kbin!

The home for all posts related to the Minecraft franchise: from the classic game to the mobile ports, mods, adventure games, merchandise and similar!

Official Lemmy.world server available!

Lemmy.world hosts an official server that welcomes all players to contribute and have fun:

Minecraft Version: 1.20.x

Address: minecraft.lemmy.world

Please make sure you read our rules before posting.

Rules:

Rules can be clicked on to be expanded.

1: Treat all users with respect.

Bullying, threathening, doxxing, or toherwise hostile behaviors with any of our users will not be tolerated. Be civil, have fun.

2: Posts must be related to the Minecraft franchise.

This includes the main game, titles like Dungeons, fan art, wiki pages, toys, new feature votes, and similar content.

3: No advertising.

If you want to share a product you're a manufacturer or seller of, please contact the moderation team first. Affiliate links to online shopping stores or affiliate coupon codes are not allowed.

4: No piracy.

Links or discussions about cracked versions of games, unauthorized copies of copyrighted material and other similar piracy-related content are not allowed.

5: No NSFW or adult content.

This community is inclusive to users of all ages. Keep in mind Minecraft attracts children and adults alike. Therefore, no NSFW content is allowed.

6: No low-effort meme content.

Memes are allowed, and so are comics or other fan creations. However, low-effort reposts and otherwise overused memes will be removed.

Reddit reposts are allowed.

Reddit reposts are allowed, but you need to include the tag [Reddit] in the title.

Related communities:

founded 1 year ago
MODERATORS
 

BleedingPipe is an exploit being used in the wild allowing FULL remote code execution on clients and servers running popular Minecraft mods on 1.7.10/1.12.2 Forge (its mainly those versions, other versions are affected.), alongside some other mods. Use of the BleedingPipe exploit has already been observed on unsuspecting servers.

This is a vulnerability in mods using unsafe deserialization code, not in Forge itself.

top 2 comments
sorted by: hot top controversial new old
[โ€“] [email protected] 5 points 1 year ago (1 children)

Does an attacker need to be logged in to take advantage of the exploit? Will a whitelist keep my server safe?

[โ€“] [email protected] 3 points 1 year ago

From what I've read, no. It's an issue with some mods using insecure networking code, letting the malicious party to inject payloads to the server or clients.

From the blog post:

The bug is a well known issue with deserialization using ObjectInputStream. The mods affected used OIS for networking code, and this allowed packets with malicious serialization to be sent. This allows anything to be run on the server, which then can be used on the server to do the same thing to all clients, therefore infecting all clients with the server in reverse.

Take my conclusions with a grain of salt, I'm no expert so I might be wrong.