Very true. Haven't seen any pointers in that direction yet thankfully. As far as the explanation goes for the exploit there's little stoppin a malicious cracker gaining access.
I really hope valve will manage to get a fix out before someone makes an extended versjon of this exploit that also gives you shell. Until that time I don't think there are many chances that script kiddies suddenly got a clue about programming there own sploits :) -jmoen- > heh, crashing is not the bad thing, i was talking about getting shell > access > as the user running the hlds > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, July 30, 2003 1:40 PM > Subject: Re: [hlds_linux] HLDS Expolits. > > >> Yes, and it works quite well. >> Somebody has already started to crash our servers. >> *sigh* >> >> -jmoen- >> >> > oh and i have seen a linux version for the exploit so prepare >> yourselves >> > >> > >> > ----- Original Message ----- >> > From: "Hlds Linux" <[EMAIL PROTECTED]> >> > To: <[EMAIL PROTECTED]> >> > Sent: Wednesday, July 30, 2003 1:18 PM >> > Subject: Re: [hlds_linux] HLDS Expolits. >> > >> > >> >> The posted "iptables" Script is not enough. >> >> A exploit need only on conenction to the port, so port-limiting is >> not > a >> >> fix. >> >> Greetz >> >> ----- Original Message ----- >> >> From: "Erik van den Berg" <[EMAIL PROTECTED]> >> >> To: <[EMAIL PROTECTED]> >> >> Sent: Wednesday, July 30, 2003 11:55 AM >> >> Subject: Re: [hlds_linux] HLDS Expolits. >> >> >> >> >> >> > Heh, the main thing that makes me mad is that valve has not even >> >> patched >> >> > this since april 14th. >> >> > >> >> > -- >> >> > - >> >> > >> >> > Met vriendelijke groet, >> >> > Erik van den Berg >> >> > >> >> > Server Administrator/Unix Security Consultant >> >> > Technische Dienst XL-Hosting >> >> > >> >> > http://www.xl-hosting.com >> >> > [EMAIL PROTECTED] >> >> > ----- Original Message ----- >> >> > From: <[EMAIL PROTECTED]> >> >> > To: <[EMAIL PROTECTED]> >> >> > Sent: Wednesday, July 30, 2003 2:29 AM >> >> > Subject: RE: [hlds_linux] HLDS Expolits. >> >> > >> >> > >> >> > > The main thing that makes me mad is not that I have to upgrade to >> >> get >> >> the >> >> > > fix, but I have to upgrade to the next 4.1.1.0x version which >> will >> > kill >> >> my >> >> > > servers since the CPU usage blows. >> >> > >> >> > >> >> > _______________________________________________ >> >> > To unsubscribe, edit your list preferences, or view the list > archives, >> >> please visit: >> >> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> >> > >> >> > >> >> >> >> _______________________________________________ >> >> To unsubscribe, edit your list preferences, or view the list >> archives, >> > please visit: >> >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> >> >> >> >> > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list archives, >> > please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, > please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
