Bleeding Pipe: A RCE vulnerability exploited in the wild

blog.mmpa.info

Bleeding Pipe: A RCE vulnerability exploited in the wild

blog.mmpa.info

Roman0@lemmy.shtuf.eu to

Minecraft@lemmy.worldEnglish · 11 months ago

A new vulnerability in LogisticsPipes and other mods allowing RCE on clients and servers.

BleedingPipe is an exploit being used in the wild allowing FULL remote code execution on clients and servers running popular Minecraft mods on 1.7.10/1.12.2 Forge (its mainly those versions, other versions are affected.), alongside some other mods. Use of the BleedingPipe exploit has already been observed on unsuspecting servers.

This is a vulnerability in mods using unsafe deserialization code, not in Forge itself.

You must log in or register to comment.

Chat

Minecraft@lemmy.world

minecraft@lemmy.world

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !minecraft@lemmy.world

Welcome to the Minecraft community on Lemmy and Kbin!

The home for all posts related to the Minecraft franchise: from the classic game to the mobile ports, mods, adventure games, merchandise and similar!

Official Lemmy.world server available!

Lemmy.world hosts an official server that welcomes all players to contribute and have fun:

Minecraft Version: 1.20.x

Address: minecraft.lemmy.world

Please make sure you read our rules before posting.

Rules:

Rules can be clicked on to be expanded.

1: Treat all users with respect.

Bullying, threathening, doxxing, or toherwise hostile behaviors with any of our users will not be tolerated. Be civil, have fun.

2: Posts must be related to the Minecraft franchise.

This includes the main game, titles like Dungeons, fan art, wiki pages, toys, new feature votes, and similar content.

3: No advertising.

If you want to share a product you’re a manufacturer or seller of, please contact the moderation team first. Affiliate links to online shopping stores or affiliate coupon codes are not allowed.

4: No piracy.

Links or discussions about cracked versions of games, unauthorized copies of copyrighted material and other similar piracy-related content are not allowed.

5: No NSFW or adult content.

This community is inclusive to users of all ages. Keep in mind Minecraft attracts children and adults alike. Therefore, no NSFW content is allowed.

6: No low-effort meme content.

Memes are allowed, and so are comics or other fan creations. However, low-effort reposts and otherwise overused memes will be removed.

Reddit reposts are allowed.

Reddit reposts are allowed, but you need to include the tag [Reddit] in the title.

Related communities:

PC Gaming: !pcgaming@lemmy.world
Games: !games@lemmy.world
PC Handhelds: !pchandhelds@lemmy.world
Minecraft modding: !moddedminecraft@sopuli.xyz

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

95 users / day
157 users / week
932 users / month
2.17K users / 6 months
2 local subscribers
4.08K subscribers
246 Posts
1.35K Comments
Modlog