Date: Sun, 10 Aug 2003 00:41:33 +0800 From: "Kang Liu" <lazykang@hotmail.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: kris@FreeBSD.org Subject: ports/55424: Potential high risk security problem in ports/games/halflifeserver Message-ID: <BAY8-F126MNFmWAFsTm00006fc9@hotmail.com> Resent-Message-ID: <200308091650.h79GoGkT099519@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 55424 >Category: ports >Synopsis: Potential high risk security problem in >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Aug 09 09:50:16 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Kang Liu >Release: FreeBSD 5.1-CURRENT i386 >Organization: Beijing University of Technology >Environment: System: FreeBSD testipfw.bjpu.edu.cn 5.1-CURRENT FreeBSD 5.1-CURRENT #8: Mon Aug 4 23:37:18 CST 2003 root@testipfw.bjpu.edu.cn:/usr/obj/usr/src/sys/IPFW i386 >Description: There might be a serious security problem(remote shell) in ports/games/halflifeserver. The exploit has been posted on bugtraq: http://www.securityfocus.com/archive/1/331941 I do not have halflife's game disc or bin, so I can not test if it is really work or not. >How-To-Repeat: n/a >Fix: mark as FORBIDDEN temporarily? _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail >Release-Note: >Audit-Trail: >Unformatted: >ports/games/halflifeserver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BAY8-F126MNFmWAFsTm00006fc9>