Bugtraq mailing list archives

Re: Half Life dedicated server Patch

From: Thiago Zaninotti <condor () SEKURE ORG>
Date: Sun, 29 Oct 2000 16:30:28 -0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Just for your information,

I've tested the patched version of HLDS and it doesn't seem to be
vulnerable to the format string error found in rcon command.

Bad Rcon from 127.0.0.1:2020:
rcon %p%p%p%p

- -condor
Thiago Zaninotti
PK available through mail.

Tamandua Sekure Labs - Brazil
http://tamandua.sekure.org
mailto:labs () sekure org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE5/Gxsf/woA9GCB6cRApBRAKDKyI+L9usDnRcySDnXXZhNedpZ1wCg29Rg
v90No5CPgrR2pr7ZsLrsASI=
=7X+a
-----END PGP SIGNATURE-----

Someone pointed me to an announcement of a new Half Life patch which
should be released next week and should fix the vulnerability described
at http://www.securityfocus.com/bid/1799

New features and fixes include:
- Linux security issue resolved. <---------------------


  The patch was released earlier today. The linuxreadme.txt file
included in the release noted this as the only security related change:

- Rcon buffer overflow fixed.

It does not make any mention of the format string bug as mentioned in
'Tamandua Sekure Labs Security Advisory 2000-01'

Current thread:

Re: Half Life dedicated server Patch Nathan Woodcock (Oct 28)
- Re: Half Life dedicated server Patch Shaun Meckler (Oct 30)
- <Possible follow-ups>
- Re: Half Life dedicated server Patch Shaun Meckler (Oct 30)
- Re: Half Life dedicated server Patch Thiago Zaninotti (Oct 30)