[cod] Linux CoD-UO server crashing with exploit warning
Mark J. DeFilippis
defilm at acm.org
Thu May 12 07:26:17 EDT 2005
Hum... I have a code chunk that is an overflow issue that I have been
meaning to test for about 2 months now and I have not had the time. U
really don't need the code chunk, any user can enter the command from
console and crash a server according to the post I picked the info up from
on a reliable anti-cheat server.
I didn't test it right away because I thought the current linux server was
patched against those buffer type problems at this point and it was old
info. If Steve went back to 1.51, I had better check it out.
Problem is 1.51 is required for most competition ladders, and there are
ways a user can get around you disabling their console ability.
The one I am looking at is Linux server specific. No patch on this??? My,
my it is a'
conditional check, where most code problems exist... boundary checking,..
Wonder if we saw the last patch due to the fact that everyone is busy with
COD II.
Ryan has coded a bunch of Linux engine servers these days. Only so much of him
to go around. I just wonder if it had been found earlier, I bet it would
have been
patched in 1.51b, as this does not seem like a complex fix at all compared
to some of the code changes for the map traversal.... Man, do I remember that
time like it was yesterday.
Dr. D
At 07:01 PM 5/11/2005, you wrote:
>We reverted back 1.51 and its seems much more stable :(
>
> Steve / K
>----- Original Message ----- From: "frenton" <frenton at orcon.net.nz>
>
>
>>Thats why i disabled the console COMPLETELY! no really need for that here.
>
>
>
>================================================
>This e.mail is private and confidential between Multiplay (UK) Ltd. and
>the person or entity to whom it is addressed. In the event of
>misdirection, the recipient is prohibited from using, copying, printing or
>otherwise disseminating it or any information contained in it.
>In the event of misdirection, illegible or incomplete transmission please
>telephone (023) 8024 3137
>or return the E.mail to postmaster at multiplay.co.uk.
S1,-------------------------------------------------------------------------------
Mark J. DeFilippis, Ph. D EE defilm at acm.org
defilm at ieee.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20050512/48d514a5/attachment.htm>
More information about the Cod
mailing list