Administrator
Location: Hagen
Occupation: Mechatroniker (didaktische Systeme)
wcf.user.option.userOption53: Nein
Quoted from "Kate"
Today I noticed a 'hacker' (I use the term loosely) rcon hacking our server.
As a result I ended up changing my passwords (rcon, sourcebans, mysql, et
al) and the 'hacker' kept getting in, removing his ban/getting our new rcon
password...
I HIGHLY recommend that people stop using this application until their web
team can fix the bug as it provides them your rcon password if you've input
that in to your database.
Quoted from "Kate"
Note that the exploit that I reported is -NOT- that XSS exploit. Further,
there will be an update to patch it in the next few days.
Super Moderator
Location: Lutherstadt Wittenberg
Occupation: Anlagenmechaniker
wcf.user.option.userOption53: Ja
Administrator
Location: Hagen
Occupation: Mechatroniker (didaktische Systeme)
wcf.user.option.userOption53: Nein
Quoted from "Kate"
According to their channel they may be releasing 1.4.8 either today or
tomorrow to resolve this problem.
I'm also uncertain who they spoke to regarding the XSS exploit as they were
nothing but polite and quick to resolve the problem.
Super Moderator
Location: Lutherstadt Wittenberg
Occupation: Anlagenmechaniker
wcf.user.option.userOption53: Ja
This post has been edited 1 times, last edit by "rain" (Mar 12th 2011, 9:48pm)
Super Moderator
Location: Lutherstadt Wittenberg
Occupation: Anlagenmechaniker
wcf.user.option.userOption53: Ja
This post has been edited 1 times, last edit by "Canc3lL0g0ut" (Mar 13th 2011, 12:54pm)
ääähhmm naja ich hätte dazu schreiben sollen das ich die 4.0 RC1 verwende