Bugtraq mailing list archives

Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER

From: xian () IDSOFTWARE COM (Christian Antkow)
Date: Tue, 5 May 1998 12:05:32 -0500


At 11:01 AM 5/5/98 +0100, you wrote:

We've found that putting 194.246.40.42 into the ip ban list on the server

does

NOT work for this exploit, using Jeff's exploit for this.  Instead, we had to
us ipfwadm, to block incoming packets from this site, which did the

trick(this

being under Linux).


 Right. Either do an "addip 192.246.40.0" in the server console, or wait
for the Quake II v3.15 patch due out shortly. We should be releasing
QuakeWorld updates at the same time as well.

 Alternately, there is a fix available from David "CRT" Wright at
http://www.planetquake.com/arena/rconfix/rconfix5.zip which should patch
all affected version of Quake. Source is available.

 -Xian

Current thread:

Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER Nick (May 01)
- Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER Mark Morgan (May 05)
  - Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER jtb (May 05)
  - Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER Christian Antkow (May 05)
  - 3Com switches - undocumented access level. Eric Monti (May 05)
- xterm and Xaw library vulnerability (XFree86 advisory) David Dawes (May 05)
  - Re: xterm and Xaw library vulnerability (XFree86 advisory) David Dawes (May 06)
- Fix for Quake Servers dizzy (May 05)