[quake3] File download exploit
arny at ats.s.bawue.de
Tue Feb 12 06:37:56 PST 2008
On Tuesday, 12 February 2008, James Munro wrote:
> The code will allow you to download any file from the server. As standard,
> the Q3 server file download function does not check which directory the
> user is downloading from, and so this code can be used to download the
> server.cfg which may contain the rcon password, so it is clear why this
> is a problem!
This looks like an exploit for a bug that Ludwig Nussel and I found some
time ago already. Please look at my advisory for more information:
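A server-side check of the kind the quoted message says is missing, as an added example that is not part of this thread, the advisory, or the ioquake3 source. The function name, the 64-byte limit and the .pk3-only rule are assumptions of the example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical check for a client-requested download name (not ioquake3 code).
 * Assumptions: names are relative to the game directory, use '/' separators,
 * and only .pk3 archives are ever meant to be downloadable. */
static int has_suffix(const char *s, const char *suffix)
{
    size_t n = strlen(s), m = strlen(suffix);
    return n > m && strcmp(s + n - m, suffix) == 0;
}

/* Returns 1 if the request may be served, 0 if it must be refused. */
int download_path_allowed(const char *req)
{
    const char *p, *seg;

    if (req == NULL || req[0] == '\0' || strlen(req) >= 64)
        return 0;
    if (req[0] == '/' || strchr(req, '\\') || strchr(req, ':'))
        return 0;                     /* absolute path, backslash, drive letter */
    for (p = seg = req; ; p++) {
        if (*p != '/' && *p != '\0')
            continue;
        if (p == seg || seg[0] == '.')
            return 0;                 /* empty segment, ".", "..", dot-files */
        if (*p == '\0')
            break;
        seg = p + 1;
    }
    return has_suffix(req, ".pk3");   /* refuses server.cfg and other configs */
}

int main(void)
{
    /* Constructed sample requests, not taken from any real server log. */
    const char *samples[] = { "baseq3/example-map.pk3", "server.cfg",
                              "../server.cfg", "baseq3/../../x.pk3", "/abs.pk3" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-26s %s\n", samples[i],
               download_path_allowed(samples[i]) ? "serve" : "refuse");
    return 0;
}
```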