[cod] SecurityFocus

Robert Mount rmount at gmail.com
Sat Feb 26 20:17:58 EST 2005 

There's a 1.5b patch for COD here http://www.callofduty.com/patch/

But no UO patch on the UO version of that site.

If you've got the
http://0day.icculus.org/cod/COD-CODUO-lnxded-bins-12212004.tar.bz2
files, you're all set.


On Sat, 26 Feb 2005 13:36:36 -0500, Mark J. DeFilippis <defilm at acm.org> wrote:
>  Geez, away busy for 2 weeks and do I have a lot of catching up to do!
> 
>  From the posting in of the link, which as pointed out is in spanish, it
> appears he
>  has a patch for COD 1.5b and codUO 1.51b, yet I can't find it.
> 
>  TWL ET competition manager mentions it impacts ET (and other
>  Quake3 engine games), but no one else has put two and two together
>  there and said "hey COD folks, install this"...
> 
>  So I would imagine most COD and UO servers are largely unpached.
>  It is a problem.  They have taken down my FOY 24x7 32 man server so
>  often, (packed 24x7), it is now empty. :-(
> 
>  Some indicate they installed the patch for SOF and COD COD:UO, anyone
>  have a link that works?
> 
>  Thanks
> 
>  Md
> 
> 
>  
>  At 03:07 PM 2/16/2005, you wrote:
>  
> I can feel your fustration. Untill recently, I had no idea I had a
> "non-patched" sof2 linux binaries. Well someone banned someone for cheating.
> So the little prick tracked down my range and keep taking the servers down
> three to 8 times a day. Since sof2 takes barely nothing to run, we place
> them on all one box. The exploit would crash every server on the box. Delta
> Ray fixed me right up with the Luigi patch and the little hacker is now
> non-existant. So his patches certainly work. I could guarantee that Ryan is
> gonna fix it up for the official release. Ryan has always done us right!
> 
>  -Jay
> 
>  
>  ----- Original Message ----- From: "Ian mu" <mu.llamas at gmail.com>
>  To: <cod at icculus.org>
>  Sent: Wednesday, February 16, 2005 1:56 PM
>  Subject: Re: [cod] SecurityFocus
> 
>  
>  
> Yeah just want to apologise, if he has approached everyone and had
>  negative feedback from them in terms of them fixing it (but then again
>  its tricky, if they aren't going to patch it for sure, isnt that more
>  reason to release a patch and not release the exploit?), then yes I
>  can understand it more in truth, and I'm getting more of an impression
>  at least whilst I still wouldn't do it, he seems like someone who at
>  least has gone down the path of contacting the correct people, so in
>  that respect I'm probably a little hasty with comments, and fair play
>  to him on that side.
> 
>  I'm just in a bad mood as been trying to fix servers all day because of it
> hehe.
>  
> 
> S1-------------------------------------------------------------------------------
>  Mark J. DeFilippis, Ph. D EE          defilm at acm.org
>                                        defilm at ieee.org
> 
>  
>

More information about the Cod mailing list