[quake2] Hello (Server time)

Brendan Burns brendanburns at attbi.com
Fri Nov 1 09:22:33 EST 2002

> I'm assuming the rcon vulnerability to rogue clients has been fixed in 
> this
> server source.  If not, anyone able to download and use a hacked 
> client (Or
> if you know what you're really doing, write a script) will get your 
> remote
> admin password.  If anyone would like their server tested, change rcon 
> to
> something cryptic, and email me with address to connect to your server.

This hole was pointed out awhile ago and has been fixed in the icculus 
source (circa release 0.12 or 0.13) its in the appropriate release 


More information about the quake2 mailing list