Bugtraq mailing list archives
Half Life dedicated server information leak and DoS
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Wed, 19 Nov 2003 18:27:06 +0300
Dear bugtraq () securityfocus com, Probably is known, but is not documented: Vendor: Valve software Software: hlds, all versions (including steam). Problem: Information leak, DoS Author: SYZo[SND] Problem: in server configuration, if allowdownload = 1, it's possible to download any file from directory of the current game (cstrike was tested) or from 'valve' directory from server. Allowdownload is required to allow clients to retrieve new maps from server. Impact: It's possible to download configuration files (like server.cfg, configuration files for different mods, etc) with sensitive information, including passwords. Additionally, downloading large file (for example map) causes server to crash. "Exploit": cmd dlfile server.cfg cmd dlfile addons/amx/users.ini cmd dlfile addons/amx/mysql.cfg cmd dlfile maps/de_torn.bsp Workaround: disable downloads. -- http://www.security.nnov.ru /\_/\ { , . } |\ +--oQQo->{ ^ }<-----+ \ | ZARAZA U 3APA3A } You know my name - look up my number (The Beatles) +-------------o66o--+ / |/
Current thread:
- Half Life dedicated server information leak and DoS 3APA3A (Nov 19)