-- [ Picked text/plain from multipart/alternative ] It's not a serious issue affecting Source servers. If you don't want that ability on your server, then DON'T INSTALL IT on your server.
Grant On 4/6/06, Adam Grzesko <[EMAIL PROTECTED]> wrote: > > Hi, > > We've found a serious security issue affecting CSS servers. > There is a plugin for CSS that allows to expose SHELL system command. > Of of the examples is !!! compiling helloworld.cpp program and > executing it. Another example might be listing directories, wget-ing > trojans and exposing the whole machine to the world. > > This is totally unacceptable. VALVE please FIX this ASAP as this > serious security issue may bring down all machines running CSS > servers. > > These are the links: > > Authors page: > http://www.mattie.info/cs/ > > System Plugin: > http://www.mattie.info/downloads/mattie_system.tgz > > Main category at the author's forum > http://www.mattie.info/cs/forums/viewforum.php?f=43 > > Main topic of this project > http://www.mattie.info/cs/forums/viewtopic.php?t=3392 > > > > best regards > Adam Grzesko > [EMAIL PROTECTED] > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
