ca fais toujours plesir de savoir ke t en vie djeyl ----- Original Message ----- From: "dJeyL" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 10, 2003 10:46 PM Subject: Re: [hlcoders] Bugtraq: hl exploits
> (As posted on the hlds_linux mailing list) > > There are not 3 security advisories, but 5. > > > Half-Life Clanmod remote (root) hole > http://void.at/advisories/VSA0301_clanmod.txt > > Half-Life Adminmod remote (root) hole > http://void.at/advisories/VSA0302_adminmod.txt > > Half-Life StatsMe remote (root) hole > http://void.at/advisories/VSA0303_statsme.txt > > Half-Life Client remote hole via Adminmod plugin > http://void.at/advisories/VSA0304_adminmod_client.txt > > HLTV remote DoS > http://void.at/advisories/VSA0305_hltv.txt > > > Note that AM & SM also suffer from CM vulnerability you first noticed. > > > -- dJeyL > > ----- Original Message ----- > From: "botman" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, January 10, 2003 8:44 PM > Subject: Re: [hlcoders] Bugtraq: hl exploits > > > > > Bugtraq (a security related mailing list) just posted 3 advisories > > > concerning Half-Life (HLTV, ClanMod, Adminmod). I highly recommend to > any > > > coder and/or sysadmin to check these out (I'm not going to reproduce > them > > > here, bugtraq has an excellent archive). Although there's no fix > available > > > yet, you should at least know about the possible dangers. > > > > > > Just to clearify things: I'm in NO way related to those who found the > > > vulnerabilities, I'm just telling you that these exist so you know what > > > you'll have to deal with sooner or later. > > > > Here's the URL's for those of you that are not bugtraq savy... > > > > http://online.securityfocus.com/archive/1/306122/2003-01-07/2003-01-13/0 > > > > http://online.securityfocus.com/archive/1/306120/2003-01-07/2003-01-13/0 > > > > http://online.securityfocus.com/archive/1/306117/2003-01-07/2003-01-13/0 > > > > The AdminMOD and ClanMod exploits REQUIRE knowledge of the rcon password. > > > > Jeffrey "botman" Broome > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlcoders > > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders