Official Content > News

Soldat Dedicated Server Security Flaw - Fix Released

(1/3) > >>

chrisgbk:
IMPORTANT: THIS FLAW CAN BE ABUSED TO DOWNLOAD -ANY- FILE OFF THE SERVER; USING RELATIVE PATHS IT'S POSSIBLE FOR SOMEONE TO DOWNLOAD SUCH THINGS AS PHP FILES THAT CONTAIN PASSWORDS FOR ROOT SERVER ACCESS. DISABLE FILE TRANSFER IMMEDIATELY UNTIL YOU UPGRADE!

A recent flaw with file sending has been discovered, that allows attackers to send a specially crafted string to the server and get your soldat.ini, and thus, your admin password. A fix has been released; see this topic.

truup:
GJ Enesce we trust in you.

skc.r0adkill:
 :-X

KeYDoN:
:x :x

Frenchie:
Just wondering, how many different versions does this bug affect?

Hope it hasn't been around that long.

Navigation

[0] Message Index

[#] Next page