Hello, could someone try if this bug also affects HLDS 3111e? Thanks. -- .--------- Tomáš Janoušek a.k.a. Liskni_si ---------. : NOMI team, developer, http://tomi.nomi.cz/ [EMAIL PROTECTED] : ' JID:[EMAIL PROTECTED], ICQ#161807083, tel:+420608876277 '
Tue, Feb 08, 2005 at 03:58:55PM -0800 Alfred Reynolds napsal: > We have reproduced the problem internally and are working on a fix. > > - Alfred > > ----Original Message---- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Alfred > Reynolds Sent: Tuesday, February 08, 2005 1:35 PM To: > [email protected] Subject: RE: [hlds_linux] Remote > exploit causes Linux server to crash! Valve, please read > > > Aha, a way to reproduce the problem! Just what we needed, I will pass > > this on to the team :) > > > > - Alfred > > > > ----Original Message---- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of The Fool > > Sent: Tuesday, February 08, 2005 7:49 AM To: > > [email protected] Subject: Re: [hlds_linux] Remote > > exploit causes Linux server to crash! Valve, please read > > > > > Funny. Am i right if i say that the server tries to disconnect a > > > non-existing user? I mean he connects, disconnects fast, server > > > catches he's banned, server triesd to disconnect, but, the user is > > > already disconnected == application error? > > > > > > Or... it's just not so easy? :) > > > > > > > > > > Starting a new thread, this really needs to be addressed by Valve. > > > > > > > > > Its a known bug amongst us who run the servers, but Alfred wont > > > > > fix it until someone can duplicate it. If a person is banned, > > > > > the server can be crashed at will by these kids by repeated > > > > > rejoin attempts. > > > > > > > > You were absolutely right. I discovered from log parsing that the > > > > same person from IP 63.197.68.40 (STEAM_0:0:6023457) has been > > > > crashing my server every day for a month since he was banned. > > > > However, I think the problem is worse than a DoS -- he is able to > > > > do it in one fast connect/disconnect attempt from the look of my > > > > logs. It's definitely him though, because every time the server > > > > gets a segmentation fault, it is him who join/parted immediately > > > > before. > > > > > > > > My guess is that the join flooding is a red herring -- the script > > > > does that until the exploit works, but isn't the cause of the > > > > crash itself. > > > > > > > > This needs to be addressed ASAP by Valve. I am very concerned > > > > that this may have the possibility to be exploited as remote code > > > > execution if it is a buffer overflow from malformed packets. What > > > > do I need to do to prove this is a critical exploit in server code > > > > to Valve? Would packet captures from his IP help? This loser has > > > > been doing this *every* day for a month! He is now blocked from > > > > the firewall, but this is a reactionary defense. This bug NEEDS > > > > to be fixed. > > > > > > > > > > > > > > > > L 02/06/2005 - 00:28:23: "{ D-MOB } > > > > kiLLAZ<355><STEAM_ID_PENDING><>" connected, address > > > > "63.197.68.40:27005" > > > > LLAZ] [STEAM_ID_PENDING] > > > > L 02/06/2005 - 00:28:24: "{ D-MOB } > > > > kiLLAZ<355><STEAM_ID_PENDING><>" disconnected (reason "Disconnect > > > > by user.") Dropped { D-MOB } kiLLAZ from server Reason: > > > > Disconnect by user. /home/cjones/local/steam/srcds_run: line 423: > > > > 16168 Segmentation fault $HL_CMD > > > > > > > > > > > > > > > > -- > > > > Chris > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > > > > archives, please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > > > archives, please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > > archives, please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
