10 lines
No EOL
665 B
Text
10 lines
No EOL
665 B
Text
source: https://www.securityfocus.com/bid/9070/info
|
|
|
|
Half-Life dedicated server has been reported prone to an information disclosure vulnerability. This issue may also be exploited to deny service to legitimate users of the Half-Life dedicated server.
|
|
|
|
The issue presents itself due to a flaw in download functionality that is provided by the Half-Life dedicated server. It has been reported that a malicious attacker may exploit this functionality to download any file from the root folder of the current running game type, or from the valve folder.
|
|
|
|
cmd dlfile server.cfg
|
|
cmd dlfile addons/amx/users.ini
|
|
cmd dlfile addons/amx/mysql.cfg
|
|
cmd dlfile maps/de_torn.bsp |