[quake2] Hello (Server time)
Brendan Burns
brendanburns at attbi.com
Fri Nov 1 09:22:33 EST 2002
> I'm assuming the rcon vulnerability to rogue clients has been fixed in
> this
> server source. If not, anyone able to download and use a hacked
> client (Or
> if you know what you're really doing, write a script) will get your
> remote
> admin password. If anyone would like their server tested, change rcon
> to
> something cryptic, and email me with address to connect to your server.
>
This hole was pointed out awhile ago and has been fixed in the icculus
source (circa release 0.12 or 0.13) its in the appropriate release
notes.
--brendan
More information about the quake2
mailing list