On 03/06/2011 05:38 AM, Kate wrote:
Peter: I'm actually going to wait until they contact me. I read about the
XSS vuln and their apparent lack of resolution for the issue.
(http://www.1337day.com/exploits/15369)
Vathral: I figured out how exploited our instance by looking through the
source and mucking about. I'm actually surprised that it wasn't found long
ago. :( I even wrote a quick step-by-step to both duplicate the issue(log in
as an admin) and a patch to the source. The patch however would show the
exploit fairly easily so I'm concerned about releasing that detail.
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
http://forums.interwavestudios.com/topic/2751-issue-from-vulnerability-xss/
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
