[cod] SecurityFocus
Ian mu
mu.llamas at gmail.com
Wed Feb 16 16:11:58 EST 2005
Also been doing a bit of testing, and may have found an angle on
reducing the crashes as well if the patch doesn't work for some, I
just posted this in another forum was looking at, so interested in any
feedback from anyone who is still getting crashes....
Only tried this on a couple of servers so far...so mileage may vary
Apply the patch anyway, but then if its still open to the exploit test
and dies, reduce the size of any vars in the config. Main one for me
are sets commands and sv_hostname, if they are ~ or < 16 chars or so
it seems to think its invulnerable. If > 16 or so, it seems to report
the error a lot but not crash it (so may lag server out I don't know),
and if way more then it crashes. May well apply to other cvars as
well, but some seemed to be ok (guessing its just the ones returned in
a query string, so stuff like motds etc prob ok, and just the stuff
seen in gspy, ase etc, returned by typical query strings).
So if u can't ban them via iptables and getting crashes, be
interesting if someone else can verify that sv_hostname (or other
status var) 16 chars or less seems to stop the exploit getting through
once patched. Not an ideal solution by any means, but it may deter a
few and give service .
Might not be strictly that, but might give others a few ideas to try
as well on their configs...
ian
More information about the Cod
mailing list