So what can be done?? Nothing? Just happened on my server :( -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Gerry Sent: Saturday, October 16, 2004 9:58 AM To: [EMAIL PROTECTED] Subject: RE: [hlds] serious cs:s vulnerability
Peh, I just had this happen to myself. What idiots >.< Pretty much... "%n: Don't kill or kick me or you'll all crash -myg0t" Then it crashed. *sigh* ~ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Saturday, October 16, 2004 9:27 AM To: [EMAIL PROTECTED] Subject: Re: [hlds] serious cs:s vulnerability Yup. One of my admins was watching the console on my server and saw exactly how it's done. Dave, did ya send the particulars to Valve already? Hoping this gets resolved soon Valve. - K2 David Fencik <[EMAIL PROTECTED]> wrote: > Here's another ip address of someone who exploited the format string > vulnerability to disconnect all clients on one of my servers: > > 138.88.222.21 > > Dave > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of David Fencik > Sent: Friday, October 15, 2004 8:29 PM > To: [EMAIL PROTECTED] > Subject: RE: [hlds] serious cs:s vulnerability > > Just for grins....here's the ip address of the offending hacker: > > 68.37.174.181 > > Dave > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Friday, October 15, 2004 8:07 PM > To: [EMAIL PROTECTED] > Subject: Re: [hlds] serious cs:s vulnerability > > Yeah I just had to restart one of my servers as well. It *looks* like > the last > exploit (malformed rcon command that would hang the server and peg the > CPU at > 100%) however this time cpu usage doesnt skyrocket, and in the console > you can > see all of the players drop via timing out, all at the same time almost. > > You seeing the same thing Dave? > > - K2 > http://www.hardfought.org > > > David Fencik <[EMAIL PROTECTED]> wrote: > > > This is a multi-part message in MIME format. > > -- > > [ Picked text/plain from multipart/alternative ] > > Some script kiddie just crashed one of my source servers. It amazes > me > > that there could be such an easily exploitable vulnerability in such > an > > obvious place. Here's a hint to you all: format-string > vulnerability. > > > > Feel free to email me off list if you'd like the specifics. > > > > Dave > > -- > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please > > visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
