Official Content > News
Soldat Dedicated Server Security Flaw - Fix Released
chrisgbk:
IMPORTANT: THIS FLAW CAN BE ABUSED TO DOWNLOAD -ANY- FILE OFF THE SERVER; USING RELATIVE PATHS IT'S POSSIBLE FOR SOMEONE TO DOWNLOAD SUCH THINGS AS PHP FILES THAT CONTAIN PASSWORDS FOR ROOT SERVER ACCESS. DISABLE FILE TRANSFER IMMEDIATELY UNTIL YOU UPGRADE!
A recent flaw with file sending has been discovered, that allows attackers to send a specially crafted string to the server and get your soldat.ini, and thus, your admin password. A fix has been released; see this topic.
truup:
GJ Enesce we trust in you.
skc.r0adkill:
:-X
KeYDoN:
:x :x
Frenchie:
Just wondering, how many different versions does this bug affect?
Hope it hasn't been around that long.
Navigation
[0] Message Index
[#] Next page
Go to full version