Update Your Servers, Slackers!

02.08.2006 : 07:59
Recently id Software released patches which addressed security issues in Quake 3 Engine games, including Return to Castle Wolfenstein and Wolfenstein: Enemy Territory. ReyalP addresses the issues in the banimod forums with information on the vulnerability and why it's important to upgrade your servers.

''We have had several reports that people are actively exploiting the download vulnerability that exists in et prior to 2.60b and ETTV prior to beta-10. This exploit allows anyone who can connect to your server to download your server.cfg files (and thus obtain your passwords) and depending on your server configuration, may allow them to download other sensitive files outside of the et directory.

Anyone running a server with downloads enabled should update to 2.60b or the latest ettv.

you DO NOT have to update to the new etpro, or require the clients to update. Just update the server.''

--> The bug
--> ET 2.60b binaries (all platforms)
Planet Wolfenstein
| banimod forum