Security Incidents mailing list archives
AW: Response from Activision re: RTCW?
From: vogt () hansenet com
Date: Mon, 11 Mar 2002 12:30:41 +0100
1.) I'm assuming this is poor business practice to recommend I go to fan sites to research something as critical as security issues?
given that RTCW is one of the more popular right now games, they're probably drowning in email in handling it through a frontoffice (callcenter), so it's very likely that the agent handling your mail simply didn't understand the issue.
2.) Are there known RTCW exploits? I haven't been able to find any information on this.
no out-of-the-box things. but it's a modified Q3 engine and Q3 has had a few exploits, so I would guess that they'll eventually appear. I recommend heavily to run servers of this kind under a unique user with minimal rights. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- AW: Response from Activision re: RTCW? vogt (Mar 11)