An exploit has been found that only affects bukkit/spigot servers. This exploit allows anyone to login as any username on an online mode server, if your server is in offline mode and you have a plugin such as authme then you are not affected.

If you do have an online mode bukkit server then you must immediately go to your FTP on multicraft (files -> FTP File Access) and delete spigot.jar and craftbukkitdev.jar. 

We recommend everyone then select 'Bukkit: Spigot' from the jar dropdown, hits save and starts their server. This will prevent your server from being affected by this exploit.

If you have an online mode bukkit server and do not follow this advice then we are not responsible for any damage that is done to your server by players logging in on OP accounts.

Thursday, September 5, 2013

« Back