Re: [hlds_linux] CS 1.6 New Exploit?
You need to run with "-hlbeta" to get those CS fixes right now. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of José Santos Sent: Saturday, July 14, 2012 9:26 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? We noticed this as well. Alfred, does the stable release (without the -hlbeta) is fixed against cl_setautobuy at the moment? On 3 July 2012 20:19, Thiago Abreu wrote: > Without -hlbeta the server stay vulnerable to cl_setautobuy > > 2012/7/3 Alfred Reynolds > >> Try the update again, you should be getting v69 for the Linux server >> engine depot. >> >> - Alfred >> >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com [mailto: >> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >> Sent: Tuesday, July 03, 2012 12:59 AM >> To: Half-Life dedicated Linux server mailing list >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> Здравствуйте, Alfred. >> >> Вы писали 3 липня 2012 р., 1:39:45: >> >> If I use -beta hlbeta, then >> 0:17 Updating 'Linux Server Engine' from version 69 to version 67 >> :))) >> So I wonder, what's the idea to force to make decision of having >> either latest hl engine binary, or latest cs engine? >> >> > Because you ran without "-beta hlbeta" for your update command? If >> > you want to continue using the CS 1.6 beta bits they are still >> > behind this beta flag, it is just the base engine that no longer is. >> >> > - Alfred >> >> > -Original Message- >> > From: hlds_linux-boun...@list.valvesoftware.com >> > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >> > Sent: Monday, July 02, 2012 3:36 PM >> > To: Half-Life dedicated Linux server mailing list >> > Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> > Здравствуйте, Alfred. >> >> > Вы писали 3 липня 2012 р., 1:22:01: >> >> > Can you explain, why when downloading this update, 'Counter-Strike >> > Base Content' is downgraded "from version 36 to version 35" ? >> >> >> There was a brief problem with the hltv Linux binary, that has since >> been fixed. >> >> >> -Original Message- >> >> From: hlds_linux-boun...@list.valvesoftware.com >> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >> Howard >> >> Sent: Monday, July 02, 2012 3:00 PM >> >> To: Half-Life dedicated Linux server mailing list >> >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> >> I believe with the last update, there was a problem with hltv not >> >> working as reported by someone else. For some reason, I kept getting >> segmentation faults on linux. >> >> >> >> >> >> >> From: Ejziponken - >> >> To: "hlds_linux@list.valvesoftware.com" >> >> >> >> Sent: Monday, July 2, 2012 5:32:27 PM >> >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> >> >> >> Wasnt there a problem with the last update? Did you fix that? >> >> >>> From: alf...@valvesoftware.com >> >>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >> >>> Date: Mon, 2 Jul 2012 20:48:36 + >> >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >>> >> >>> This sounds like the exploit fixed last week, make sure you update >> your install. In particular that exploit would let you download .cfg file >> from your server, and if you put your rcon password in that file they can >> then get full rcon control of the server (and change the motd amongst other >> things). >> >>> >> >>> - Alfred >> >>> >> >>> -Original Message- >> >>> From: hlds_linux-boun...@list.valvesoftware.com [mailto: >> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> >>> Sent: Monday, July 02, 2012 1:46 PM >> >>> To: hlds_linux@list.valvesoftware.com >> >>> Subject: [hlds_linux] CS 1.6 New Exploit? >> >>> >> >>> I think there is a new exploit out. Today on one of my servers someone >> was able to download my server.cfg file and was able to upload his own motd >> file with a link to a virus downl
Re: [hlds_linux] CS 1.6 New Exploit?
After the update that fixes the cfg.ztmp exploit, HL1 servers seem to not beeing generating any .ztmp files at all, what appears to be causing problems in the download of new maps from HL1 clients. Anyone noticed this issue? On 14 July 2012 17:25, José Santos wrote: > We noticed this as well. > > Alfred, does the stable release (without the -hlbeta) is fixed against > cl_setautobuy at the moment? > > On 3 July 2012 20:19, Thiago Abreu wrote: >> Without -hlbeta the server stay vulnerable to cl_setautobuy >> >> 2012/7/3 Alfred Reynolds >> >>> Try the update again, you should be getting v69 for the Linux server >>> engine depot. >>> >>> - Alfred >>> >>> -Original Message- >>> From: hlds_linux-boun...@list.valvesoftware.com [mailto: >>> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>> Sent: Tuesday, July 03, 2012 12:59 AM >>> To: Half-Life dedicated Linux server mailing list >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> Здравствуйте, Alfred. >>> >>> Вы писали 3 липня 2012 р., 1:39:45: >>> >>> If I use -beta hlbeta, then >>> 0:17 Updating 'Linux Server Engine' from version 69 to version 67 >>> :))) >>> So I wonder, what's the idea to force to make decision of having >>> either latest hl engine binary, or latest cs engine? >>> >>> > Because you ran without "-beta hlbeta" for your update command? If >>> > you want to continue using the CS 1.6 beta bits they are still >>> > behind this beta flag, it is just the base engine that no longer is. >>> >>> > - Alfred >>> >>> > -Original Message- >>> > From: hlds_linux-boun...@list.valvesoftware.com >>> > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>> > Sent: Monday, July 02, 2012 3:36 PM >>> > To: Half-Life dedicated Linux server mailing list >>> > Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> > Здравствуйте, Alfred. >>> >>> > Вы писали 3 липня 2012 р., 1:22:01: >>> >>> > Can you explain, why when downloading this update, 'Counter-Strike >>> > Base Content' is downgraded "from version 36 to version 35" ? >>> >>> >> There was a brief problem with the hltv Linux binary, that has since >>> been fixed. >>> >>> >> -Original Message- >>> >> From: hlds_linux-boun...@list.valvesoftware.com >>> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>> Howard >>> >> Sent: Monday, July 02, 2012 3:00 PM >>> >> To: Half-Life dedicated Linux server mailing list >>> >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> >> I believe with the last update, there was a problem with hltv not >>> >> working as reported by someone else. For some reason, I kept getting >>> segmentation faults on linux. >>> >>> >>> >>> >> >>> >> From: Ejziponken - >>> >> To: "hlds_linux@list.valvesoftware.com" >>> >> >>> >> Sent: Monday, July 2, 2012 5:32:27 PM >>> >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >> >>> >>> >> Wasnt there a problem with the last update? Did you fix that? >>> >>> >>> From: alf...@valvesoftware.com >>> >>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >>> >>> Date: Mon, 2 Jul 2012 20:48:36 + >>> >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> >>> >>> This sounds like the exploit fixed last week, make sure you update >>> your install. In particular that exploit would let you download .cfg file >>> from your server, and if you put your rcon password in that file they can >>> then get full rcon control of the server (and change the motd amongst other >>> things). >>> >>> >>> >>> - Alfred >>> >>> >>> >>> -Original Message- >>> >>> From: hlds_linux-boun...@list.valvesoftware.com [mailto: >>> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >>> >>> Sent: Monday, July 02, 2012 1:46 PM >>> >>> To: hlds_linux@list.val
Re: [hlds_linux] CS 1.6 New Exploit?
We noticed this as well. Alfred, does the stable release (without the -hlbeta) is fixed against cl_setautobuy at the moment? On 3 July 2012 20:19, Thiago Abreu wrote: > Without -hlbeta the server stay vulnerable to cl_setautobuy > > 2012/7/3 Alfred Reynolds > >> Try the update again, you should be getting v69 for the Linux server >> engine depot. >> >> - Alfred >> >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com [mailto: >> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >> Sent: Tuesday, July 03, 2012 12:59 AM >> To: Half-Life dedicated Linux server mailing list >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> Здравствуйте, Alfred. >> >> Вы писали 3 липня 2012 р., 1:39:45: >> >> If I use -beta hlbeta, then >> 0:17 Updating 'Linux Server Engine' from version 69 to version 67 >> :))) >> So I wonder, what's the idea to force to make decision of having >> either latest hl engine binary, or latest cs engine? >> >> > Because you ran without "-beta hlbeta" for your update command? If >> > you want to continue using the CS 1.6 beta bits they are still >> > behind this beta flag, it is just the base engine that no longer is. >> >> > - Alfred >> >> > -Original Message- >> > From: hlds_linux-boun...@list.valvesoftware.com >> > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >> > Sent: Monday, July 02, 2012 3:36 PM >> > To: Half-Life dedicated Linux server mailing list >> > Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> > Здравствуйте, Alfred. >> >> > Вы писали 3 липня 2012 р., 1:22:01: >> >> > Can you explain, why when downloading this update, 'Counter-Strike >> > Base Content' is downgraded "from version 36 to version 35" ? >> >> >> There was a brief problem with the hltv Linux binary, that has since >> been fixed. >> >> >> -Original Message- >> >> From: hlds_linux-boun...@list.valvesoftware.com >> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >> Howard >> >> Sent: Monday, July 02, 2012 3:00 PM >> >> To: Half-Life dedicated Linux server mailing list >> >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> >> I believe with the last update, there was a problem with hltv not >> >> working as reported by someone else. For some reason, I kept getting >> segmentation faults on linux. >> >> >> >> >> >> >> From: Ejziponken - >> >> To: "hlds_linux@list.valvesoftware.com" >> >> >> >> Sent: Monday, July 2, 2012 5:32:27 PM >> >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> >> >> >> Wasnt there a problem with the last update? Did you fix that? >> >> >>> From: alf...@valvesoftware.com >> >>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >> >>> Date: Mon, 2 Jul 2012 20:48:36 + >> >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >>> >> >>> This sounds like the exploit fixed last week, make sure you update >> your install. In particular that exploit would let you download .cfg file >> from your server, and if you put your rcon password in that file they can >> then get full rcon control of the server (and change the motd amongst other >> things). >> >>> >> >>> - Alfred >> >>> >> >>> -Original Message- >> >>> From: hlds_linux-boun...@list.valvesoftware.com [mailto: >> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> >>> Sent: Monday, July 02, 2012 1:46 PM >> >>> To: hlds_linux@list.valvesoftware.com >> >>> Subject: [hlds_linux] CS 1.6 New Exploit? >> >>> >> >>> I think there is a new exploit out. Today on one of my servers someone >> was able to download my server.cfg file and was able to upload his own motd >> file with a link to a virus download. I checked my cstrike folder and it >> had server.cfg.ZTMP >> >>> >> >>> Anyone else experience this? Or is this an old exploit and what >> protection is there from it? >> >>> ___ >> >>> To unsubscribe, edit your list preferences, or view the list arch
Re: [hlds_linux] CS 1.6 New Exploit?
Maybe try the update without the -beta hlbeta command and see what happens. From: Anthony Stoyanov To: hlds_linux@list.valvesoftware.com Sent: Friday, July 6, 2012 2:36:46 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Well. I didn't have that problem before the update. On 6.7.2012 г. 21:11 ч., px@ipt wrote: > Здравствуйте, Anthony. > > Вы писали 6 липня 2012 р., 20:42:22: > > Just checked, there are a lot of such messages in servers logs, but no > drops there, not before last update, nor after > >> Ok, thanks. >> After the update though, I noticed that all the servers drop players >> constantly with the "SZ_GetSpace: overflow on netchan->message" and >> "Reason: Reliable channel overflowed" errors. >> Ping to the server is fine (no loss or high ms). >> On 6.7.2012 г. 20:36 ч., px@ipt wrote: >>> Здравствуйте, Anthony. >>> >>> Вы писали 6 липня 2012 р., 20:13:31: >>> >>> -beta hlbeta should work fine >>> >>>> Ok. So in the end. Should we use -autoupdate or -beta hlbeta for this >>>> last update? >>>> On 4.7.2012 г. 00:56 ч., Collin Howard wrote: >>>>> did you use the -beta hlbeta command? >>>>> >>>>> >>>>> >>>>> >>>>> From: "px@ipt" >>>>> To: Half-Life dedicated Linux server mailing list >>>>> >>>>> Sent: Tuesday, July 3, 2012 2:53:21 PM >>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>> >>>>> Здравствуйте, Alfred. >>>>> >>>>> Вы писали 3 липня 2012 р., 19:44:16: >>>>> >>>>> Just checked, now works as should, seems either was temporary glitch >>>>> or server on 194.som.eth.ing was not properly updated... >>>>> >>>>>> Try the update again, you should be getting v69 for the Linux server >>>>>> engine depot. >>>>>> - Alfred >>>>>> -Original Message- >>>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>>>>> Sent: Tuesday, July 03, 2012 12:59 AM >>>>>> To: Half-Life dedicated Linux server mailing list >>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>> Здравствуйте, Alfred. >>>>>> Вы писали 3 липня 2012 р., 1:39:45: >>>>>> If I use -beta hlbeta, then >>>>>> 0:17 Updating 'Linux Server Engine' from version 69 to version 67 >>>>>> :))) >>>>>> So I wonder, what's the idea to force to make decision of having >>>>>> either latest hl engine binary, or latest cs engine? >>>>>>> Because you ran without "-beta hlbeta" for your update command? If >>>>>>> you want to continue using the CS 1.6 beta bits they are still >>>>>>> behind this beta flag, it is just the base engine that no longer is. >>>>>>> - Alfred >>>>>>> -Original Message- >>>>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>>>>>> Sent: Monday, July 02, 2012 3:36 PM >>>>>>> To: Half-Life dedicated Linux server mailing list >>>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>>> Здравствуйте, Alfred. >>>>>>> Вы писали 3 липня 2012 р., 1:22:01: >>>>>>> Can you explain, why when downloading this update, 'Counter-Strike >>>>>>> Base Content' is downgraded "from version 36 to version 35" ? >>>>>>>> There was a brief problem with the hltv Linux binary, that has since >>>>>>>> been fixed. >>>>>>>> -Original Message- >>>>>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>>>>>>> Howard >>>>>>>> Sent: Monday, July 02, 2012 3:00 PM >>>>>>>> To: Half-Life dedicated Linux server mailing list >>>>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>>>> I believe with the last upd
Re: [hlds_linux] CS 1.6 New Exploit?
Well. I didn't have that problem before the update. On 6.7.2012 г. 21:11 ч., px@ipt wrote: Здравствуйте, Anthony. Вы писали 6 липня 2012 р., 20:42:22: Just checked, there are a lot of such messages in servers logs, but no drops there, not before last update, nor after Ok, thanks. After the update though, I noticed that all the servers drop players constantly with the "SZ_GetSpace: overflow on netchan->message" and "Reason: Reliable channel overflowed" errors. Ping to the server is fine (no loss or high ms). On 6.7.2012 г. 20:36 ч., px@ipt wrote: Здравствуйте, Anthony. Вы писали 6 липня 2012 р., 20:13:31: -beta hlbeta should work fine Ok. So in the end. Should we use -autoupdate or -beta hlbeta for this last update? On 4.7.2012 г. 00:56 ч., Collin Howard wrote: did you use the -beta hlbeta command? From: "px@ipt" To: Half-Life dedicated Linux server mailing list Sent: Tuesday, July 3, 2012 2:53:21 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 19:44:16: Just checked, now works as should, seems either was temporary glitch or server on 194.som.eth.ing was not properly updated... Try the update again, you should be getting v69 for the Linux server engine depot. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Tuesday, July 03, 2012 12:59 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:39:45: If I use -beta hlbeta, then 0:17 Updating 'Linux Server Engine' from version 69 to version 67 :))) So I wonder, what's the idea to force to make decision of having either latest hl engine binary, or latest cs engine? Because you ran without "-beta hlbeta" for your update command? If you want to continue using the CS 1.6 beta bits they are still behind this beta flag, it is just the base engine that no longer is. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Monday, July 02, 2012 3:36 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? There was a brief problem with the hltv Linux binary, that has since been fixed. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 3:00 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? I believe with the last update, there was a problem with hltv not working as reported by someone else. For some reason, I kept getting segmentation faults on linux. From: Ejziponken - To: "hlds_linux@list.valvesoftware.com" Sent: Monday, July 2, 2012 5:32:27 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Wasnt there a problem with the last update? Did you fix that? From: alf...@valvesoftware.com To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com Date: Mon, 2 Jul 2012 20:48:36 + Subject: Re: [hlds_linux] CS 1.6 New Exploit? This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Здравствуйте, Anthony. Вы писали 6 липня 2012 р., 20:42:22: Just checked, there are a lot of such messages in servers logs, but no drops there, not before last update, nor after > Ok, thanks. > After the update though, I noticed that all the servers drop players > constantly with the "SZ_GetSpace: overflow on netchan->message" and > "Reason: Reliable channel overflowed" errors. > Ping to the server is fine (no loss or high ms). > On 6.7.2012 г. 20:36 ч., px@ipt wrote: >> Здравствуйте, Anthony. >> >> Вы писали 6 липня 2012 р., 20:13:31: >> >> -beta hlbeta should work fine >> >>> Ok. So in the end. Should we use -autoupdate or -beta hlbeta for this >>> last update? >>> On 4.7.2012 г. 00:56 ч., Collin Howard wrote: >>>> did you use the -beta hlbeta command? >>>> >>>> >>>> >>>> ________ >>>>From: "px@ipt" >>>> To: Half-Life dedicated Linux server mailing list >>>> >>>> Sent: Tuesday, July 3, 2012 2:53:21 PM >>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>> >>>> Здравствуйте, Alfred. >>>> >>>> Вы писали 3 липня 2012 р., 19:44:16: >>>> >>>> Just checked, now works as should, seems either was temporary glitch >>>> or server on 194.som.eth.ing was not properly updated... >>>> >>>>> Try the update again, you should be getting v69 for the Linux server >>>>> engine depot. >>>>> - Alfred >>>>> -Original Message- >>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>>>> Sent: Tuesday, July 03, 2012 12:59 AM >>>>> To: Half-Life dedicated Linux server mailing list >>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>> Здравствуйте, Alfred. >>>>> Вы писали 3 липня 2012 р., 1:39:45: >>>>> If I use -beta hlbeta, then >>>>> 0:17 Updating 'Linux Server Engine' from version 69 to version 67 >>>>> :))) >>>>> So I wonder, what's the idea to force to make decision of having >>>>> either latest hl engine binary, or latest cs engine? >>>>>> Because you ran without "-beta hlbeta" for your update command? If >>>>>> you want to continue using the CS 1.6 beta bits they are still >>>>>> behind this beta flag, it is just the base engine that no longer is. >>>>>> - Alfred >>>>>> -Original Message- >>>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>>>>> Sent: Monday, July 02, 2012 3:36 PM >>>>>> To: Half-Life dedicated Linux server mailing list >>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>> Здравствуйте, Alfred. >>>>>> Вы писали 3 липня 2012 р., 1:22:01: >>>>>> Can you explain, why when downloading this update, 'Counter-Strike >>>>>> Base Content' is downgraded "from version 36 to version 35" ? >>>>>>> There was a brief problem with the hltv Linux binary, that has since >>>>>>> been fixed. >>>>>>> -Original Message- >>>>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>>>>>> Howard >>>>>>> Sent: Monday, July 02, 2012 3:00 PM >>>>>>> To: Half-Life dedicated Linux server mailing list >>>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>>> I believe with the last update, there was a problem with hltv not >>>>>>> working as reported by someone else. For some reason, I kept getting >>>>>>> segmentation faults on linux. >>>> >>>>>>> >>>>>>> From: Ejziponken - >>>>>>> To: "hlds_linux@list.valvesoftware.com" >>>>>>> >>>>>>> Sent: Monday, July 2, 2012 5:32:27 PM >>>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>>> >>>>>>> Wasnt there a problem with the last up
Re: [hlds_linux] CS 1.6 New Exploit?
Ok, thanks. After the update though, I noticed that all the servers drop players constantly with the "SZ_GetSpace: overflow on netchan->message" and "Reason: Reliable channel overflowed" errors. Ping to the server is fine (no loss or high ms). On 6.7.2012 г. 20:36 ч., px@ipt wrote: Здравствуйте, Anthony. Вы писали 6 липня 2012 р., 20:13:31: -beta hlbeta should work fine Ok. So in the end. Should we use -autoupdate or -beta hlbeta for this last update? On 4.7.2012 г. 00:56 ч., Collin Howard wrote: did you use the -beta hlbeta command? From: "px@ipt" To: Half-Life dedicated Linux server mailing list Sent: Tuesday, July 3, 2012 2:53:21 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 19:44:16: Just checked, now works as should, seems either was temporary glitch or server on 194.som.eth.ing was not properly updated... Try the update again, you should be getting v69 for the Linux server engine depot. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Tuesday, July 03, 2012 12:59 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:39:45: If I use -beta hlbeta, then 0:17 Updating 'Linux Server Engine' from version 69 to version 67 :))) So I wonder, what's the idea to force to make decision of having either latest hl engine binary, or latest cs engine? Because you ran without "-beta hlbeta" for your update command? If you want to continue using the CS 1.6 beta bits they are still behind this beta flag, it is just the base engine that no longer is. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Monday, July 02, 2012 3:36 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? There was a brief problem with the hltv Linux binary, that has since been fixed. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 3:00 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? I believe with the last update, there was a problem with hltv not working as reported by someone else. For some reason, I kept getting segmentation faults on linux. From: Ejziponken - To: "hlds_linux@list.valvesoftware.com" Sent: Monday, July 2, 2012 5:32:27 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Wasnt there a problem with the last update? Did you fix that? From: alf...@valvesoftware.com To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com Date: Mon, 2 Jul 2012 20:48:36 + Subject: Re: [hlds_linux] CS 1.6 New Exploit? This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list arc
Re: [hlds_linux] CS 1.6 New Exploit?
Здравствуйте, Anthony. Вы писали 6 липня 2012 р., 20:13:31: -beta hlbeta should work fine > Ok. So in the end. Should we use -autoupdate or -beta hlbeta for this > last update? > On 4.7.2012 г. 00:56 ч., Collin Howard wrote: >> did you use the -beta hlbeta command? >> >> >> >> >> From: "px@ipt" >> To: Half-Life dedicated Linux server mailing list >> >> Sent: Tuesday, July 3, 2012 2:53:21 PM >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> Здравствуйте, Alfred. >> >> Вы писали 3 липня 2012 р., 19:44:16: >> >> Just checked, now works as should, seems either was temporary glitch >> or server on 194.som.eth.ing was not properly updated... >> >>> Try the update again, you should be getting v69 for the Linux server engine >>> depot. >>> - Alfred >>> -Original Message- >>> From: hlds_linux-boun...@list.valvesoftware.com >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>> Sent: Tuesday, July 03, 2012 12:59 AM >>> To: Half-Life dedicated Linux server mailing list >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> Здравствуйте, Alfred. >>> Вы писали 3 липня 2012 р., 1:39:45: >>> If I use -beta hlbeta, then >>> 0:17 Updating 'Linux Server Engine' from version 69 to version 67 >>> :))) >>> So I wonder, what's the idea to force to make decision of having >>> either latest hl engine binary, or latest cs engine? >>>> Because you ran without "-beta hlbeta" for your update command? If >>>> you want to continue using the CS 1.6 beta bits they are still >>>> behind this beta flag, it is just the base engine that no longer is. >>>> - Alfred >>>> -Original Message- >>>> From: hlds_linux-boun...@list.valvesoftware.com >>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >>>> Sent: Monday, July 02, 2012 3:36 PM >>>> To: Half-Life dedicated Linux server mailing list >>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>> Здравствуйте, Alfred. >>>> Вы писали 3 липня 2012 р., 1:22:01: >>>> Can you explain, why when downloading this update, 'Counter-Strike >>>> Base Content' is downgraded "from version 36 to version 35" ? >>>>> There was a brief problem with the hltv Linux binary, that has since been >>>>> fixed. >>>>> -Original Message- >>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>>>> Howard >>>>> Sent: Monday, July 02, 2012 3:00 PM >>>>> To: Half-Life dedicated Linux server mailing list >>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>> I believe with the last update, there was a problem with hltv not >>>>> working as reported by someone else. For some reason, I kept getting >>>>> segmentation faults on linux. >> >> >>>>> >>>>>From: Ejziponken - >>>>> To: "hlds_linux@list.valvesoftware.com" >>>>> >>>>> Sent: Monday, July 2, 2012 5:32:27 PM >>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>> >>>>> Wasnt there a problem with the last update? Did you fix that? >>>>>> From: alf...@valvesoftware.com >>>>>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >>>>>> Date: Mon, 2 Jul 2012 20:48:36 + >>>>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>>>> >>>>>> This sounds like the exploit fixed last week, make sure you update your >>>>>> install. In particular that exploit would let you download .cfg file >>>>>> from your server, and if you put your rcon password in that file they >>>>>> can then get full rcon control of the server (and change the motd >>>>>> amongst other things). >>>>>> >>>>>> - Alfred >>>>>> >>>>>> -Original Message- >>>>>> From: hlds_linux-boun...@list.valvesoftware.com >>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>>>>> Howard >>>>>> Sent: Monday, July 02
Re: [hlds_linux] CS 1.6 New Exploit?
Ok. So in the end. Should we use -autoupdate or -beta hlbeta for this last update? On 4.7.2012 г. 00:56 ч., Collin Howard wrote: did you use the -beta hlbeta command? From: "px@ipt" To: Half-Life dedicated Linux server mailing list Sent: Tuesday, July 3, 2012 2:53:21 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 19:44:16: Just checked, now works as should, seems either was temporary glitch or server on 194.som.eth.ing was not properly updated... Try the update again, you should be getting v69 for the Linux server engine depot. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Tuesday, July 03, 2012 12:59 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:39:45: If I use -beta hlbeta, then 0:17 Updating 'Linux Server Engine' from version 69 to version 67 :))) So I wonder, what's the idea to force to make decision of having either latest hl engine binary, or latest cs engine? Because you ran without "-beta hlbeta" for your update command? If you want to continue using the CS 1.6 beta bits they are still behind this beta flag, it is just the base engine that no longer is. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Monday, July 02, 2012 3:36 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? There was a brief problem with the hltv Linux binary, that has since been fixed. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 3:00 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? I believe with the last update, there was a problem with hltv not working as reported by someone else. For some reason, I kept getting segmentation faults on linux. From: Ejziponken - To: "hlds_linux@list.valvesoftware.com" Sent: Monday, July 2, 2012 5:32:27 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Wasnt there a problem with the last update? Did you fix that? From: alf...@valvesoftware.com To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com Date: Mon, 2 Jul 2012 20:48:36 + Subject: Re: [hlds_linux] CS 1.6 New Exploit? This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the lis
Re: [hlds_linux] CS 1.6 New Exploit?
did you use the -beta hlbeta command? From: "px@ipt" To: Half-Life dedicated Linux server mailing list Sent: Tuesday, July 3, 2012 2:53:21 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 19:44:16: Just checked, now works as should, seems either was temporary glitch or server on 194.som.eth.ing was not properly updated... > Try the update again, you should be getting v69 for the Linux server engine > depot. > - Alfred > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt > Sent: Tuesday, July 03, 2012 12:59 AM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > Здравствуйте, Alfred. > Вы писали 3 липня 2012 р., 1:39:45: > If I use -beta hlbeta, then > 0:17 Updating 'Linux Server Engine' from version 69 to version 67 > :))) > So I wonder, what's the idea to force to make decision of having > either latest hl engine binary, or latest cs engine? >> Because you ran without "-beta hlbeta" for your update command? If >> you want to continue using the CS 1.6 beta bits they are still >> behind this beta flag, it is just the base engine that no longer is. >> - Alfred >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >> Sent: Monday, July 02, 2012 3:36 PM >> To: Half-Life dedicated Linux server mailing list >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> Здравствуйте, Alfred. >> Вы писали 3 липня 2012 р., 1:22:01: >> Can you explain, why when downloading this update, 'Counter-Strike >> Base Content' is downgraded "from version 36 to version 35" ? >>> There was a brief problem with the hltv Linux binary, that has since been >>> fixed. >>> -Original Message- >>> From: hlds_linux-boun...@list.valvesoftware.com >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>> Howard >>> Sent: Monday, July 02, 2012 3:00 PM >>> To: Half-Life dedicated Linux server mailing list >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> I believe with the last update, there was a problem with hltv not >>> working as reported by someone else. For some reason, I kept getting >>> segmentation faults on linux. >>> >>> From: Ejziponken - >>> To: "hlds_linux@list.valvesoftware.com" >>> >>> Sent: Monday, July 2, 2012 5:32:27 PM >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> Wasnt there a problem with the last update? Did you fix that? >>>> From: alf...@valvesoftware.com >>>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >>>> Date: Mon, 2 Jul 2012 20:48:36 + >>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>> >>>> This sounds like the exploit fixed last week, make sure you update your >>>> install. In particular that exploit would let you download .cfg file from >>>> your server, and if you put your rcon password in that file they can then >>>> get full rcon control of the server (and change the motd amongst other >>>> things). >>>> >>>> - Alfred >>>> >>>> -Original Message- >>>> From: hlds_linux-boun...@list.valvesoftware.com >>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>>> Howard >>>> Sent: Monday, July 02, 2012 1:46 PM >>>> To: hlds_linux@list.valvesoftware.com >>>> Subject: [hlds_linux] CS 1.6 New Exploit? >>>> >>>> I think there is a new exploit out. Today on one of my servers someone was >>>> able to download my server.cfg file and was able to upload his own motd >>>> file with a link to a virus download. I checked my cstrike folder and it >>>> had server.cfg.ZTMP >>>> >>>> Anyone else experience this? Or is this an old exploit and what protection >>>> is there from it? >>>> ___ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>>> >>>> ___
Re: [hlds_linux] CS 1.6 New Exploit?
Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 19:44:16: Just checked, now works as should, seems either was temporary glitch or server on 194.som.eth.ing was not properly updated... > Try the update again, you should be getting v69 for the Linux server engine > depot. > - Alfred > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt > Sent: Tuesday, July 03, 2012 12:59 AM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > Здравствуйте, Alfred. > Вы писали 3 липня 2012 р., 1:39:45: > If I use -beta hlbeta, then > 0:17 Updating 'Linux Server Engine' from version 69 to version 67 > :))) > So I wonder, what's the idea to force to make decision of having > either latest hl engine binary, or latest cs engine? >> Because you ran without "-beta hlbeta" for your update command? If >> you want to continue using the CS 1.6 beta bits they are still >> behind this beta flag, it is just the base engine that no longer is. >> - Alfred >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt >> Sent: Monday, July 02, 2012 3:36 PM >> To: Half-Life dedicated Linux server mailing list >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> Здравствуйте, Alfred. >> Вы писали 3 липня 2012 р., 1:22:01: >> Can you explain, why when downloading this update, 'Counter-Strike >> Base Content' is downgraded "from version 36 to version 35" ? >>> There was a brief problem with the hltv Linux binary, that has since been >>> fixed. >>> -Original Message- >>> From: hlds_linux-boun...@list.valvesoftware.com >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>> Howard >>> Sent: Monday, July 02, 2012 3:00 PM >>> To: Half-Life dedicated Linux server mailing list >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> I believe with the last update, there was a problem with hltv not >>> working as reported by someone else. For some reason, I kept getting >>> segmentation faults on linux. >>> >>> From: Ejziponken - >>> To: "hlds_linux@list.valvesoftware.com" >>> >>> Sent: Monday, July 2, 2012 5:32:27 PM >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> Wasnt there a problem with the last update? Did you fix that? >>>> From: alf...@valvesoftware.com >>>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >>>> Date: Mon, 2 Jul 2012 20:48:36 + >>>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>>> >>>> This sounds like the exploit fixed last week, make sure you update your >>>> install. In particular that exploit would let you download .cfg file from >>>> your server, and if you put your rcon password in that file they can then >>>> get full rcon control of the server (and change the motd amongst other >>>> things). >>>> >>>> - Alfred >>>> >>>> -Original Message- >>>> From: hlds_linux-boun...@list.valvesoftware.com >>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>>> Howard >>>> Sent: Monday, July 02, 2012 1:46 PM >>>> To: hlds_linux@list.valvesoftware.com >>>> Subject: [hlds_linux] CS 1.6 New Exploit? >>>> >>>> I think there is a new exploit out. Today on one of my servers someone was >>>> able to download my server.cfg file and was able to upload his own motd >>>> file with a link to a virus download. I checked my cstrike folder and it >>>> had server.cfg.ZTMP >>>> >>>> Anyone else experience this? Or is this an old exploit and what protection >>>> is there from it? >>>> ___ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>>> >>>> ___ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>>
Re: [hlds_linux] CS 1.6 New Exploit?
Without -hlbeta the server stay vulnerable to cl_setautobuy 2012/7/3 Alfred Reynolds > Try the update again, you should be getting v69 for the Linux server > engine depot. > > - Alfred > > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com [mailto: > hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt > Sent: Tuesday, July 03, 2012 12:59 AM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > Здравствуйте, Alfred. > > Вы писали 3 липня 2012 р., 1:39:45: > > If I use -beta hlbeta, then > 0:17 Updating 'Linux Server Engine' from version 69 to version 67 > :))) > So I wonder, what's the idea to force to make decision of having > either latest hl engine binary, or latest cs engine? > > > Because you ran without "-beta hlbeta" for your update command? If > > you want to continue using the CS 1.6 beta bits they are still > > behind this beta flag, it is just the base engine that no longer is. > > > - Alfred > > > -Original Message- > > From: hlds_linux-boun...@list.valvesoftware.com > > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt > > Sent: Monday, July 02, 2012 3:36 PM > > To: Half-Life dedicated Linux server mailing list > > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > > Здравствуйте, Alfred. > > > Вы писали 3 липня 2012 р., 1:22:01: > > > Can you explain, why when downloading this update, 'Counter-Strike > > Base Content' is downgraded "from version 36 to version 35" ? > > >> There was a brief problem with the hltv Linux binary, that has since > been fixed. > > >> -Original Message- > >> From: hlds_linux-boun...@list.valvesoftware.com > >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin > Howard > >> Sent: Monday, July 02, 2012 3:00 PM > >> To: Half-Life dedicated Linux server mailing list > >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > >> I believe with the last update, there was a problem with hltv not > >> working as reported by someone else. For some reason, I kept getting > segmentation faults on linux. > > > > >> > >> From: Ejziponken - > >> To: "hlds_linux@list.valvesoftware.com" > >> > >> Sent: Monday, July 2, 2012 5:32:27 PM > >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? > >> > > >> Wasnt there a problem with the last update? Did you fix that? > > >>> From: alf...@valvesoftware.com > >>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com > >>> Date: Mon, 2 Jul 2012 20:48:36 + > >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? > >>> > >>> This sounds like the exploit fixed last week, make sure you update > your install. In particular that exploit would let you download .cfg file > from your server, and if you put your rcon password in that file they can > then get full rcon control of the server (and change the motd amongst other > things). > >>> > >>> - Alfred > >>> > >>> -Original Message- > >>> From: hlds_linux-boun...@list.valvesoftware.com [mailto: > hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > >>> Sent: Monday, July 02, 2012 1:46 PM > >>> To: hlds_linux@list.valvesoftware.com > >>> Subject: [hlds_linux] CS 1.6 New Exploit? > >>> > >>> I think there is a new exploit out. Today on one of my servers someone > was able to download my server.cfg file and was able to upload his own motd > file with a link to a virus download. I checked my cstrike folder and it > had server.cfg.ZTMP > >>> > >>> Anyone else experience this? Or is this an old exploit and what > protection is there from it? > >>> ___ > >>> To unsubscribe, edit your list preferences, or view the list archives, > please visit: > >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > >>> > >>> ___ > >>> To unsubscribe, edit your list preferences, or view the list archives, > please visit: > >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > >> > >> ___ > >> To unsubscribe, edit your list preferences, or view the list archives, > please visit: > >&g
Re: [hlds_linux] CS 1.6 New Exploit?
Try the update again, you should be getting v69 for the Linux server engine depot. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Tuesday, July 03, 2012 12:59 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:39:45: If I use -beta hlbeta, then 0:17 Updating 'Linux Server Engine' from version 69 to version 67 :))) So I wonder, what's the idea to force to make decision of having either latest hl engine binary, or latest cs engine? > Because you ran without "-beta hlbeta" for your update command? If > you want to continue using the CS 1.6 beta bits they are still > behind this beta flag, it is just the base engine that no longer is. > - Alfred > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt > Sent: Monday, July 02, 2012 3:36 PM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > Здравствуйте, Alfred. > Вы писали 3 липня 2012 р., 1:22:01: > Can you explain, why when downloading this update, 'Counter-Strike > Base Content' is downgraded "from version 36 to version 35" ? >> There was a brief problem with the hltv Linux binary, that has since been >> fixed. >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> Sent: Monday, July 02, 2012 3:00 PM >> To: Half-Life dedicated Linux server mailing list >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> I believe with the last update, there was a problem with hltv not >> working as reported by someone else. For some reason, I kept getting >> segmentation faults on linux. >> ________________ >> From: Ejziponken - >> To: "hlds_linux@list.valvesoftware.com" >> >> Sent: Monday, July 2, 2012 5:32:27 PM >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> Wasnt there a problem with the last update? Did you fix that? >>> From: alf...@valvesoftware.com >>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >>> Date: Mon, 2 Jul 2012 20:48:36 + >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> This sounds like the exploit fixed last week, make sure you update your >>> install. In particular that exploit would let you download .cfg file from >>> your server, and if you put your rcon password in that file they can then >>> get full rcon control of the server (and change the motd amongst other >>> things). >>> >>> - Alfred >>> >>> -Original Message- >>> From: hlds_linux-boun...@list.valvesoftware.com >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>> Howard >>> Sent: Monday, July 02, 2012 1:46 PM >>> To: hlds_linux@list.valvesoftware.com >>> Subject: [hlds_linux] CS 1.6 New Exploit? >>> >>> I think there is a new exploit out. Today on one of my servers someone was >>> able to download my server.cfg file and was able to upload his own motd >>> file with a link to a virus download. I checked my cstrike folder and it >>> had server.cfg.ZTMP >>> >>> Anyone else experience this? Or is this an old exploit and what protection >>> is there from it? >>> ___ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>> >>> ___ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> ___ >> To unsubs
Re: [hlds_linux] CS 1.6 New Exploit?
All servers were potentially vulnerable. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Invalid Protocol Sent: Monday, July 02, 2012 5:34 PM To: 'Half-Life dedicated Linux server mailing list' Subject: Re: [hlds_linux] CS 1.6 New Exploit? Are the servers that only have fast download enabled (sv_allowdownload 0) vulnerable to this exploit? -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Alfred Reynolds Sent: Monday, July 02, 2012 11:49 PM To: 'Collin Howard'; 'Half-Life dedicated Linux server mailing list' Subject: Re: [hlds_linux] CS 1.6 New Exploit? This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:39:45: If I use -beta hlbeta, then 0:17 Updating 'Linux Server Engine' from version 69 to version 67 :))) So I wonder, what's the idea to force to make decision of having either latest hl engine binary, or latest cs engine? > Because you ran without "-beta hlbeta" for your update command? If > you want to continue using the CS 1.6 beta bits they are still > behind this beta flag, it is just the base engine that no longer is. > - Alfred > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt > Sent: Monday, July 02, 2012 3:36 PM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > Здравствуйте, Alfred. > Вы писали 3 липня 2012 р., 1:22:01: > Can you explain, why when downloading this update, 'Counter-Strike > Base Content' is downgraded "from version 36 to version 35" ? >> There was a brief problem with the hltv Linux binary, that has since been >> fixed. >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> Sent: Monday, July 02, 2012 3:00 PM >> To: Half-Life dedicated Linux server mailing list >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> I believe with the last update, there was a problem with hltv not >> working as reported by someone else. For some reason, I kept getting >> segmentation faults on linux. >> ________________ >> From: Ejziponken - >> To: "hlds_linux@list.valvesoftware.com" >> >> Sent: Monday, July 2, 2012 5:32:27 PM >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> Wasnt there a problem with the last update? Did you fix that? >>> From: alf...@valvesoftware.com >>> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >>> Date: Mon, 2 Jul 2012 20:48:36 + >>> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >>> >>> This sounds like the exploit fixed last week, make sure you update your >>> install. In particular that exploit would let you download .cfg file from >>> your server, and if you put your rcon password in that file they can then >>> get full rcon control of the server (and change the motd amongst other >>> things). >>> >>> - Alfred >>> >>> -Original Message- >>> From: hlds_linux-boun...@list.valvesoftware.com >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin >>> Howard >>> Sent: Monday, July 02, 2012 1:46 PM >>> To: hlds_linux@list.valvesoftware.com >>> Subject: [hlds_linux] CS 1.6 New Exploit? >>> >>> I think there is a new exploit out. Today on one of my servers someone was >>> able to download my server.cfg file and was able to upload his own motd >>> file with a link to a virus download. I checked my cstrike folder and it >>> had server.cfg.ZTMP >>> >>> Anyone else experience this? Or is this an old exploit and what protection >>> is there from it? >>> ___ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>> >>> ___ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux -- С уважением, Px mailto:p...@i.kiev.ua ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Are the servers that only have fast download enabled (sv_allowdownload 0) vulnerable to this exploit? -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Alfred Reynolds Sent: Monday, July 02, 2012 11:49 PM To: 'Collin Howard'; 'Half-Life dedicated Linux server mailing list' Subject: Re: [hlds_linux] CS 1.6 New Exploit? This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
The "-beta hlbeta" flag only effects the Counter-Strike 1.6 game binaries at this time. The dedicated server engine you get (the "base" binaries) are the same if you do or do not use the beta flag*. So the hlbeta does not affect the game engine at this time. - Alfred * - now, I had a config bug making this not true until recently. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 3:47 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Actually, thats why I initially asked if we needed to run the -beta hlbeta command, what were the beta updates that were release with that flag? Which ones are not included with the original -command update flag? If I understand this correctly, the -beta hlbeta flag still has the latest exploit fix that was released last week? From: Alfred Reynolds To: Half-Life dedicated Linux server mailing list Sent: Monday, July 2, 2012 6:39:45 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Because you ran without "-beta hlbeta" for your update command? If you want to continue using the CS 1.6 beta bits they are still behind this beta flag, it is just the base engine that no longer is. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Monday, July 02, 2012 3:36 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? > There was a brief problem with the hltv Linux binary, that has since been > fixed. > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 3:00 PM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > I believe with the last update, there was a problem with hltv not > working as reported by someone else. For some reason, I kept getting > segmentation faults on linux. > > From: Ejziponken - > To: "hlds_linux@list.valvesoftware.com" > > Sent: Monday, July 2, 2012 5:32:27 PM > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > Wasnt there a problem with the last update? Did you fix that? >> From: alf...@valvesoftware.com >> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >> Date: Mon, 2 Jul 2012 20:48:36 + >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> This sounds like the exploit fixed last week, make sure you update your >> install. In particular that exploit would let you download .cfg file from >> your server, and if you put your rcon password in that file they can then >> get full rcon control of the server (and change the motd amongst other >> things). >> >> - Alfred >> >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> Sent: Monday, July 02, 2012 1:46 PM >> To: hlds_linux@list.valvesoftware.com >> Subject: [hlds_linux] CS 1.6 New Exploit? >> >> I think there is a new exploit out. Today on one of my servers someone was >> able to download my server.cfg file and was able to upload his own motd file >> with a link to a virus download. I checked my cstrike folder and it had >> server.cfg.ZTMP >> >> Anyone else experience this? Or is this an old exploit and what protection >> is there from it? >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives,
Re: [hlds_linux] CS 1.6 New Exploit?
Actually, thats why I initially asked if we needed to run the -beta hlbeta command, what were the beta updates that were release with that flag? Which ones are not included with the original -command update flag? If I understand this correctly, the -beta hlbeta flag still has the latest exploit fix that was released last week? From: Alfred Reynolds To: Half-Life dedicated Linux server mailing list Sent: Monday, July 2, 2012 6:39:45 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Because you ran without "-beta hlbeta" for your update command? If you want to continue using the CS 1.6 beta bits they are still behind this beta flag, it is just the base engine that no longer is. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Monday, July 02, 2012 3:36 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? > There was a brief problem with the hltv Linux binary, that has since been > fixed. > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 3:00 PM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > I believe with the last update, there was a problem with hltv not > working as reported by someone else. For some reason, I kept getting > segmentation faults on linux. > > From: Ejziponken - > To: "hlds_linux@list.valvesoftware.com" > > Sent: Monday, July 2, 2012 5:32:27 PM > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > Wasnt there a problem with the last update? Did you fix that? >> From: alf...@valvesoftware.com >> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >> Date: Mon, 2 Jul 2012 20:48:36 + >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> This sounds like the exploit fixed last week, make sure you update your >> install. In particular that exploit would let you download .cfg file from >> your server, and if you put your rcon password in that file they can then >> get full rcon control of the server (and change the motd amongst other >> things). >> >> - Alfred >> >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> Sent: Monday, July 02, 2012 1:46 PM >> To: hlds_linux@list.valvesoftware.com >> Subject: [hlds_linux] CS 1.6 New Exploit? >> >> I think there is a new exploit out. Today on one of my servers someone was >> able to download my server.cfg file and was able to upload his own motd file >> with a link to a virus download. I checked my cstrike folder and it had >> server.cfg.ZTMP >> >> Anyone else experience this? Or is this an old exploit and what protection >> is there from it? >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux -- С уважением, Px mailto:p...@i.kiev.ua ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Because you ran without "-beta hlbeta" for your update command? If you want to continue using the CS 1.6 beta bits they are still behind this beta flag, it is just the base engine that no longer is. - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of px@ipt Sent: Monday, July 02, 2012 3:36 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? > There was a brief problem with the hltv Linux binary, that has since been > fixed. > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 3:00 PM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > I believe with the last update, there was a problem with hltv not > working as reported by someone else. For some reason, I kept getting > segmentation faults on linux. > > From: Ejziponken - > To: "hlds_linux@list.valvesoftware.com" > > Sent: Monday, July 2, 2012 5:32:27 PM > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > Wasnt there a problem with the last update? Did you fix that? >> From: alf...@valvesoftware.com >> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >> Date: Mon, 2 Jul 2012 20:48:36 + >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> This sounds like the exploit fixed last week, make sure you update your >> install. In particular that exploit would let you download .cfg file from >> your server, and if you put your rcon password in that file they can then >> get full rcon control of the server (and change the motd amongst other >> things). >> >> - Alfred >> >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> Sent: Monday, July 02, 2012 1:46 PM >> To: hlds_linux@list.valvesoftware.com >> Subject: [hlds_linux] CS 1.6 New Exploit? >> >> I think there is a new exploit out. Today on one of my servers someone was >> able to download my server.cfg file and was able to upload his own motd file >> with a link to a virus download. I checked my cstrike folder and it had >> server.cfg.ZTMP >> >> Anyone else experience this? Or is this an old exploit and what protection >> is there from it? >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux -- С уважением, Px mailto:p...@i.kiev.ua ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Здравствуйте, Alfred. Вы писали 3 липня 2012 р., 1:22:01: Can you explain, why when downloading this update, 'Counter-Strike Base Content' is downgraded "from version 36 to version 35" ? > There was a brief problem with the hltv Linux binary, that has since been > fixed. > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 3:00 PM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > I believe with the last update, there was a problem with hltv not > working as reported by someone else. For some reason, I kept getting > segmentation faults on linux. > > From: Ejziponken - > To: "hlds_linux@list.valvesoftware.com" > > Sent: Monday, July 2, 2012 5:32:27 PM > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > Wasnt there a problem with the last update? Did you fix that? >> From: alf...@valvesoftware.com >> To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com >> Date: Mon, 2 Jul 2012 20:48:36 + >> Subject: Re: [hlds_linux] CS 1.6 New Exploit? >> >> This sounds like the exploit fixed last week, make sure you update your >> install. In particular that exploit would let you download .cfg file from >> your server, and if you put your rcon password in that file they can then >> get full rcon control of the server (and change the motd amongst other >> things). >> >> - Alfred >> >> -Original Message- >> From: hlds_linux-boun...@list.valvesoftware.com >> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard >> Sent: Monday, July 02, 2012 1:46 PM >> To: hlds_linux@list.valvesoftware.com >> Subject: [hlds_linux] CS 1.6 New Exploit? >> >> I think there is a new exploit out. Today on one of my servers someone was >> able to download my server.cfg file and was able to upload his own motd file >> with a link to a virus download. I checked my cstrike folder and it had >> server.cfg.ZTMP >> >> Anyone else experience this? Or is this an old exploit and what protection >> is there from it? >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux -- С уважением, Px mailto:p...@i.kiev.ua ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
There was a brief problem with the hltv Linux binary, that has since been fixed. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 3:00 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] CS 1.6 New Exploit? I believe with the last update, there was a problem with hltv not working as reported by someone else. For some reason, I kept getting segmentation faults on linux. From: Ejziponken - To: "hlds_linux@list.valvesoftware.com" Sent: Monday, July 2, 2012 5:32:27 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Wasnt there a problem with the last update? Did you fix that? > From: alf...@valvesoftware.com > To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com > Date: Mon, 2 Jul 2012 20:48:36 +0000 > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > This sounds like the exploit fixed last week, make sure you update your > install. In particular that exploit would let you download .cfg file from > your server, and if you put your rcon password in that file they can then get > full rcon control of the server (and change the motd amongst other things). > > - Alfred > > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 1:46 PM > To: hlds_linux@list.valvesoftware.com > Subject: [hlds_linux] CS 1.6 New Exploit? > > I think there is a new exploit out. Today on one of my servers someone was > able to download my server.cfg file and was able to upload his own motd file > with a link to a virus download. I checked my cstrike folder and it had > server.cfg.ZTMP > > Anyone else experience this? Or is this an old exploit and what protection is > there from it? > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
I believe with the last update, there was a problem with hltv not working as reported by someone else. For some reason, I kept getting segmentation faults on linux. From: Ejziponken - To: "hlds_linux@list.valvesoftware.com" Sent: Monday, July 2, 2012 5:32:27 PM Subject: Re: [hlds_linux] CS 1.6 New Exploit? Wasnt there a problem with the last update? Did you fix that? > From: alf...@valvesoftware.com > To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com > Date: Mon, 2 Jul 2012 20:48:36 +0000 > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > This sounds like the exploit fixed last week, make sure you update your > install. In particular that exploit would let you download .cfg file from > your server, and if you put your rcon password in that file they can then get > full rcon control of the server (and change the motd amongst other things). > > - Alfred > > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 1:46 PM > To: hlds_linux@list.valvesoftware.com > Subject: [hlds_linux] CS 1.6 New Exploit? > > I think there is a new exploit out. Today on one of my servers someone was > able to download my server.cfg file and was able to upload his own motd file > with a link to a virus download. I checked my cstrike folder and it had > server.cfg.ZTMP > > Anyone else experience this? Or is this an old exploit and what protection is > there from it? > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Wasnt there a problem with the last update? Did you fix that? > From: alf...@valvesoftware.com > To: my_azz...@yahoo.com; hlds_linux@list.valvesoftware.com > Date: Mon, 2 Jul 2012 20:48:36 + > Subject: Re: [hlds_linux] CS 1.6 New Exploit? > > This sounds like the exploit fixed last week, make sure you update your > install. In particular that exploit would let you download .cfg file from > your server, and if you put your rcon password in that file they can then get > full rcon control of the server (and change the motd amongst other things). > > - Alfred > > -Original Message- > From: hlds_linux-boun...@list.valvesoftware.com > [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard > Sent: Monday, July 02, 2012 1:46 PM > To: hlds_linux@list.valvesoftware.com > Subject: [hlds_linux] CS 1.6 New Exploit? > > I think there is a new exploit out. Today on one of my servers someone was > able to download my server.cfg file and was able to upload his own motd file > with a link to a virus download. I checked my cstrike folder and it had > server.cfg.ZTMP > > Anyone else experience this? Or is this an old exploit and what protection is > there from it? > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
Great, thanks Alfred. From: Alfred Reynolds To: 'Collin Howard' ; 'Half-Life dedicated Linux server mailing list' Sent: Monday, July 2, 2012 4:48:36 PM Subject: RE: [hlds_linux] CS 1.6 New Exploit? This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] CS 1.6 New Exploit?
This sounds like the exploit fixed last week, make sure you update your install. In particular that exploit would let you download .cfg file from your server, and if you put your rcon password in that file they can then get full rcon control of the server (and change the motd amongst other things). - Alfred -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Collin Howard Sent: Monday, July 02, 2012 1:46 PM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] CS 1.6 New Exploit? I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
[hlds_linux] CS 1.6 New Exploit?
I think there is a new exploit out. Today on one of my servers someone was able to download my server.cfg file and was able to upload his own motd file with a link to a virus download. I checked my cstrike folder and it had server.cfg.ZTMP Anyone else experience this? Or is this an old exploit and what protection is there from it? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
