live by the creed!
Extract the dual hidden blades of 15th Century assassin Ezio Auditore in Assassin's Creed II, a game that expands upon the original in every way you'd hoped. Click here for our full review!
More Modern Warfare!
The follow-up to Call of Duty 4 does plenty of little things better than its predecessor but is unfortunately marred by one incredibly bad decision. Find out why.
Build your own HD HTPC!
AusGamers understands the economic woes of our time, but don't want you to miss out on great HD home entertainment either. So check out our 'DYI' HD HTPC guide!
Aussie Game Dev Abroad!
Aussies are responsible for more than you might think in worldwide game development, we aim to introduce you to them. Meet Double Fine's Emily Ridgway!

Share:
Submit to Facebook Submit to Digg Submit to del.icio.us Submit to Reddit
Summary: Enemy Territory Patch Binaries v2.60b
Date: 09 May 06
Filename: et-2.60b.zip
Size: 4,143,401
Downloads: 21777
Last Download: 2 hours ago
Information URL: http://games.telenet.be/images/upload/ET_changel...
Description:
CVE-2006-2082: directory traversal / information leak in Quake III Arena auto download feature

Ludwig Nussel and Thilo Shulz discovered a vulnerability letting a malicious client download files from a server if auto download is enabled ( sv_allowDownload 1 ).

Issue #2 ( CVE pending ): R_RemapShaders buffer overflow

A second issue fixed in this release would let a malicious server exploit a buffer overflow to execute a shellcode on connecting clients.

--
Updated binaries for the following games are available:

Quake III Arena - fixed at version 1.32c
Return To Castle Wolfenstein - fixed at version 1.41b
Wolfenstein: Enemy Territory - fixed at version 2.60b

If you run a server with any older version, please upgrade or consider turning off autodownload ( set sv_allowDownload to 0 ). Wolfenstein: Enemy Territory servers http/ftp download feature is not affected by CVE-2006-2082. If you don't wish to upgrade, you can decide to only enable http/ftp downloads and disable legacy downloads in that particular case.

Finally, server administrators should note that game servers should be running in restricted environments as much as possible ( unpriviledged accounts and chroot jails ). It's a good thing to do the same for clients, or at least ensure that you are properly firewalled.
MD5 Sum: fb83b8732fc7373c277180b663debf57
SHA1 Sum: 19a529b890c20bb66f934e302afd9c281c06f188
 
 



Advertise with Us | Privacy Policy | Contact Us
© Copyright 2001-2009 AusGamers™ Pty Ltd. ACN 093 772 242.
A Mammoth Media web development.