[cod] Vulnerability if auto download is enabled on cod/coduo servers?
Andre Lorbach
alorbach at ro1.adiscon.com
Thu May 18 08:37:01 EDT 2006
> -----Original Message-----
> From: satanic.surfer.666 at web.de [mailto:satanic.surfer.666 at web.de]
> Sent: Thursday, May 18, 2006 2:32 PM
> To: cod at icculus.org
> Subject: Re: [cod] Vulnerability if auto download is enabled
> on cod/coduo servers?
>
> Hi!
>
> ID fixes 2 vulnerabilities in the patches for Q3A, RTCW and
> ET. In one vulnerability the client was affected, in one
> vulnerability the server as you can see in this advisory:
>
> http://secunia.com/advisories/19984/
Oh thx m8 I didnt see that before.
This is not very good. This means an exploiter could be able to download
all readable files from the server.
Is turning off server side download sufficient as a workaround
currently?
--
Regards
deltaray
More information about the Cod
mailing list