Additionally: Public Disclosure - 1 Non Disclosure Under Valve Time - Nil
2009/8/22 botman <botman.hlcod...@gmail.com>: > Funny strange or funny "ha-ha"? > > On 8/21/2009 5:57 PM, Christopher Harris wrote: >> It is funny how all the exploits were fixed within a day of posting the link >> to the coders list. >> >> Chris >> >> -----Original Message----- >> From: hlcoders-boun...@list.valvesoftware.com >> [mailto:hlcoders-boun...@list.valvesoftware.com] On Behalf Of Saul Rennison >> Sent: Friday, August 21, 2009 7:05 AM >> To: Discussion of Half-Life Programming >> Subject: Re: [hlcoders] Fragments memory corruption in the Source Engine >> (exploit; arbitary memory access) >> >> Don't accept console commands from players with no entity? How does >> the engine know when a CBasePlayer has been made for the player when >> it doesn't have access to it? :3 >> >> Thanks, >> - Saul. >> >> On 21 Aug 2009, at 08:57, AzuiSleet<azuisl...@gmail.com> wrote: >> >>> The solutions for some of them are very simple, but haven't been >>> implemented. Some easy solutions off the top of my head: Don't accept >>> console commands from a client if their player entity is NULL, also >>> don't >>> accept NaN as viewangles. >>> >>> On Fri, Aug 21, 2009 at 1:01 AM, Christopher Harris >>> <char...@resrchnet.com>wrote: >>> >>>> I agree. >>>> >>>> Chris >>>> >>>> -----Original Message----- >>>> From: hlcoders-boun...@list.valvesoftware.com >>>> [mailto:hlcoders-boun...@list.valvesoftware.com] On Behalf Of Spencer >>>> 'voogru' MacDonald >>>> Sent: Friday, August 21, 2009 12:43 AM >>>> To: 'Discussion of Half-Life Programming' >>>> Subject: Re: [hlcoders] Fragments memory corruption in the Source >>>> Engine >>>> (exploit; arbitary memory access) >>>> >>>> Not really. >>>> >>>> I've personally seen valve fix stuff like this once they were made >>>> aware of >>>> it. I'm wondering if this guy even alerted valve to it before >>>> releasing it. >>>> >>>> I don't mind him publicly disclosing stuff, but giving out pre- >>>> packaged >>>> binaries with the exploit that any 13 year old could figure out how >>>> to use >>>> is a little silly in my opinion. >>>> >>>> It's enough to describe the exploit and the specifics related to it. >>>> >>>> -----Original Message----- >>>> From: hlcoders-boun...@list.valvesoftware.com >>>> [mailto:hlcoders-boun...@list.valvesoftware.com] On Behalf Of Joel R. >>>> Sent: Friday, August 21, 2009 12:21 AM >>>> To: Discussion of Half-Life Programming >>>> Subject: Re: [hlcoders] Fragments memory corruption in the Source >>>> Engine >>>> (exploit; arbitary memory access) >>>> >>>> Public disclosure is the only way to get something fixed. >>>> >>>> On Thu, Aug 20, 2009 at 11:09 PM, Adam "amckern" McKern >>>> <amck...@yahoo.com>wrote: >>>> >>>>> Dont you just love public disclosure by black hats? >>>>> >>>>> -------- >>>>> Owner Nigredo Studios http://www.nigredostudios.com >>>>> >>>>> --- On Fri, 21/8/09, 1nsane<1nsane...@gmail.com> wrote: >>>>> >>>>> From: 1nsane<1nsane...@gmail.com> >>>>> Subject: Re: [hlcoders] Fragments memory corruption in the Source >>>>> Engine >>>>> (exploit; arbitary memory access) >>>>> To: "Discussion of Half-Life Programming"< >>>> hlcoders@list.valvesoftware.com >>>>> Received: Friday, 21 August, 2009, 12:55 PM >>>>> >>>>> And there's still some left. >>>>> >>>>> But hey, now this is super public! >>>>> >>>>> On Thu, Aug 20, 2009 at 10:49 PM, AzuiSleet<azuisl...@gmail.com> >>>>> wrote: >>>>> >>>>>> These exploits are already public, and have been floating around >>>>>> for >>>>> years >>>>>> before anyway. >>>>>> >>>>>> On Thu, Aug 20, 2009 at 8:43 PM, Matt Hoffman >>>>>> <lord.matt.hoff...@gmail.com>wrote: >>>>>> >>>>>>> Is it really a good idea to post the link? Not everyone on this >>>>>>> list >>>>> has >>>>>>> the >>>>>>> best intentions, nor do I think anyone can do anything about it? >>>>> (Correct >>>>>>> me >>>>>>> if I'm wrong) >>>>>>> >>>>>>> Wouldn't it work better directly mailed to Valve? >>>>>>> >>>>>>> On Thu, Aug 20, 2009 at 7:37 PM, Saul Rennison< >>>>> saul.renni...@gmail.com >>>>>>>> wrote: >>>>>>>> Luigi has found yet another exploit in Valve's up-to-date, >>>>>>>> unexploitable engine :D >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Thanks, >>>>>>>> - Saul. >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> To unsubscribe, edit your list preferences, or view the list >>>>> archives, >>>>>>>> please visit: >>>>>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>>>>> >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, >>>>>>> please visit: >>>>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>>>> >>>>>>> >>>>>> _______________________________________________ >>>>>> To unsubscribe, edit your list preferences, or view the list >>>>>> archives, >>>>>> please visit: >>>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list >>>>> archives, >>>>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >> ____________________________________________________________________________ >> >> >>>> ______ >>>>> Find local businesses and services in your area with Yahoo!7 Local. >>>>> Get started: http://local.yahoo.com.au >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list >>>>> archives, >>>>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>> >>>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>> >>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>> >>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>> >>>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlcoders >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlcoders >> > > -- > Jeffrey "botman" Broome > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlcoders > > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders