(As posted on the hlds_linux mailing list) There are not 3 security advisories, but 5.
Half-Life Clanmod remote (root) hole http://void.at/advisories/VSA0301_clanmod.txt Half-Life Adminmod remote (root) hole http://void.at/advisories/VSA0302_adminmod.txt Half-Life StatsMe remote (root) hole http://void.at/advisories/VSA0303_statsme.txt Half-Life Client remote hole via Adminmod plugin http://void.at/advisories/VSA0304_adminmod_client.txt HLTV remote DoS http://void.at/advisories/VSA0305_hltv.txt Note that AM & SM also suffer from CM vulnerability you first noticed. -- dJeyL ----- Original Message ----- From: "botman" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 10, 2003 8:44 PM Subject: Re: [hlcoders] Bugtraq: hl exploits > > Bugtraq (a security related mailing list) just posted 3 advisories > > concerning Half-Life (HLTV, ClanMod, Adminmod). I highly recommend to any > > coder and/or sysadmin to check these out (I'm not going to reproduce them > > here, bugtraq has an excellent archive). Although there's no fix available > > yet, you should at least know about the possible dangers. > > > > Just to clearify things: I'm in NO way related to those who found the > > vulnerabilities, I'm just telling you that these exist so you know what > > you'll have to deal with sooner or later. > > Here's the URL's for those of you that are not bugtraq savy... > > http://online.securityfocus.com/archive/1/306122/2003-01-07/2003-01-13/0 > > http://online.securityfocus.com/archive/1/306120/2003-01-07/2003-01-13/0 > > http://online.securityfocus.com/archive/1/306117/2003-01-07/2003-01-13/0 > > The AdminMOD and ClanMod exploits REQUIRE knowledge of the rcon password. > > Jeffrey "botman" Broome _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders
