[17409] in bugtraq
Re: Half Life dedicated server Patch
daemon@ATHENA.MIT.EDU (Thiago Zaninotti)
Mon Oct 30 01:52:12 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.20.0010291612470.15740-100000@unreal.sekure.org>
Date: Sun, 29 Oct 2000 16:30:28 -0200
Reply-To: Thiago Zaninotti <condor@SEKURE.ORG>
From: Thiago Zaninotti <condor@SEKURE.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Just for your information,
I've tested the patched version of HLDS and it doesn't seem to be
vulnerable to the format string error found in rcon command.
Bad Rcon from 127.0.0.1:2020:
rcon %p%p%p%p
- -condor
Thiago Zaninotti
PK available through mail.
Tamandua Sekure Labs - Brazil
http://tamandua.sekure.org
mailto:labs@sekure.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5/Gxsf/woA9GCB6cRApBRAKDKyI+L9usDnRcySDnXXZhNedpZ1wCg29Rg
v90No5CPgrR2pr7ZsLrsASI=
=7X+a
-----END PGP SIGNATURE-----
> Someone pointed me to an announcement of a new Half Life patch which
> should be released next week and should fix the vulnerability described
> at http://www.securityfocus.com/bid/1799
>
> New features and fixes include:
> - Linux security issue resolved. <---------------------
The patch was released earlier today. The linuxreadme.txt file
included in the release noted this as the only security related change:
- Rcon buffer overflow fixed.
It does not make any mention of the format string bug as mentioned in
'Tamandua Sekure Labs Security Advisory 2000-01'
