[cod] forget about IW2 and get back to work :)
Bong-Master
bong-master at thesilverdagger.co.uk
Tue Oct 20 05:49:18 EDT 2009
Tell your customers to update there game as you are updating the servers :P
Nice simple solution. pirated clients use 1.0. Pet Do the good thing say Bye
Bye to you 1.0 Clients & support the game in the way this mailing list
dose. You personally are letting the side down so to speak Simply by
allowing pirated clients to use your services. But then in a diffrent way
who do you blame the client or the hoster ?? My personal view is that i
blame the hoster First then the client Simply because if the hosted DID not
offer this service the client would not have a dedi server to play his
pirated game on.
--------------------------------------------------
From: "pet" <games at maxrate.pl>
Sent: Tuesday, October 20, 2009 8:29 AM
To: "Call of Duty server admin list." <cod at icculus.org>
Subject: Re: [cod] forget about IW2 and get back to work :)
> I have to find some solution, most of my customers order 1.0 version, is
> very popular.
>
>
> escapedturkey pisze:
>> People run 1.0 to support pirated clients. Is this not true? If so, well,
>> our supporting and helping them gives IW justification for dumping
>> dedicated server support.
>>
>> pet wrote:
>>> So :) I have some little problem, which is probably well known:
>>>
>>> ERROR: Attempted to overrun string in call to va()
>>>
>>> yep, somebody has messed up on my cod 2 1.0 server
>>>
>>>
>>>
>>> "va() is a function of the Quake 3 engine used to quickly build strings
>>> using snprintf and a static destination buffer.
>>> Read more on: : i3D.net Game Forums
>>> http://forum.i3d.net/call-duty-series-newsletter/48158-cod-cod-ww-1024-bytes-command-exploit.html
>>> If the generated string is longer than the available buffer the server
>>> shows an "Attempted to overrun string in call to va()" error and
>>> terminates.
>>> From Call of Duty 2 (and consequently) the size of this buffer has
>>> been reduced from the original 32000 bytes to only 1024 causing many
>>> problems to the admins.
>>>
>>> So in CoD5 an attacker which has joined the server can exploit this
>>> vulnerability through the sending of a command longer than 1024 bytes
>>> causing the immediate termination of the server."
>>>
>>> I try it, and it works. I you send this command to the server, it will
>>> crash:
>>>
>>> cmd aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaa
>>>
>>>
>>> so
>>>
>>> any solution ?
>>>
>>>
>>> any help will be appreciated.
>>>
>>>
>>> _______________________________________________
>>> cod mailing list
>>> cod at icculus.org
>>> http://icculus.org/mailman/listinfo/cod
>>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
More information about the cod
mailing list