[cod] SecurityFocus

jagged at vtnetworks.net jagged at vtnetworks.net
Thu Feb 17 13:12:30 EST 2005


Just an FYI, this patch doesn't seem to fix the vulnerability for Quake 
III Arena 1.32 servers (at least not on linux).



On Thu, 17 Feb 2005, Nemeth wrote:

> http://aluigi.altervista.org/adv/q3infoboom-adv.txt
> 
> Nemeth
> 
> Jolt Call of Duty Head Admin & PunksBusted.com Staff
> cod.jolt.co.uk - #cod.jolt - punksbusted.com - #punksbusted
> 
> todd at simops.com wrote:
> > Ok, i missed the link to the patch...
> > Wanna post it again for the blind?
> > TLP
> > ----- Original Message -----
> > From: "Jay Vasallo" <jayco1 at charter.net>
> > To: <cod at icculus.org>
> > Sent: Thursday, February 17, 2005 12:50 AM
> > Subject: Re: [cod] SecurityFocus
> > 
> > 
> > 
> >>The beauty of running one main install versus one install per client.
> >>Update one server and the rest get updated auto.
> >>But yes his patch was nice, seeing that the lastest sof2 binaries were not
> >>patched fully.
> >>
> >>----- Original Message -----
> >>From: "Matthew Keen" <Tali at heavenly-existance.net>
> >>To: <cod at icculus.org>
> >>Sent: Wednesday, February 16, 2005 11:41 PM
> >>Subject: Re: [cod] SecurityFocus
> >>
> >>
> >>
> >>>Yeah we ran this patch on our SoF2 servers here down in the server farm,
> >>>works a treat, no more problems...
> >>>
> >>>Only annoying thing was taking the servers down first (or waiting for
> >>>someoen to crash it) before I applied the patch on each server :)
> >>>
> >>>Jay Vasallo wrote:
> >>>
> >>>
> >>>>I can feel your fustration. Untill recently, I had no idea I had a
> >>>>"non-patched" sof2 linux binaries. Well someone banned someone for
> >>>>cheating. So the little prick tracked down my range and keep taking the
> >>>>servers down three to 8 times a day. Since sof2 takes barely nothing to
> >>>>run, we place them on all one box. The exploit would crash every server
> >>>>on the box. Delta Ray fixed me right up with the Luigi patch and the
> >>>>little hacker is now non-existant. So his patches certainly work. I
> > 
> > could
> > 
> >>>>guarantee that Ryan is gonna fix it up for the official release. Ryan
> > 
> > has
> > 
> >>>>always done us right!
> >>>>
> >>>>-Jay
> >>>>
> >>>>
> >>>>----- Original Message ----- From: "Ian mu" <mu.llamas at gmail.com>
> >>>>To: <cod at icculus.org>
> >>>>Sent: Wednesday, February 16, 2005 1:56 PM
> >>>>Subject: Re: [cod] SecurityFocus
> >>>>
> >>>>
> >>>>
> >>>>>Yeah just want to apologise, if he has approached everyone and had
> >>>>>negative feedback from them in terms of them fixing it (but then again
> >>>>>its tricky, if they aren't going to patch it for sure, isnt that more
> >>>>>reason to release a patch and not release the exploit?), then yes I
> >>>>>can understand it more in truth, and I'm getting more of an impression
> >>>>>at least whilst I still wouldn't do it, he seems like someone who at
> >>>>>least has gone down the path of contacting the correct people, so in
> >>>>>that respect I'm probably a little hasty with comments, and fair play
> >>>>>to him on that side.
> >>>>>
> >>>>>I'm just in a bad mood as been trying to fix servers all day because
> > 
> > of
> > 
> >>>>>it hehe.
> >>>>>
> >>>>
> >>>
> >>
> >>
> > 
> > 
> > 
> 



More information about the Cod mailing list