Jump to content
Sign in to follow this  

About This Club

Call Of Duty 4 Discussions

  1. What's new in this club
  2. Quote from Fraggy Cod4X dev Details about the vulnerability, its sense etc. When was the vulnerability first time discovered? Well Treyarch has discovered this RCE vulnerability already within the development cycle of "CoD: BlackOps" (I did not check CoD:WaW) which got relased in year 2010. In BlackOps this vulnerability was purposefully patched by Treyarch but future CoD version developed by InfinityWards kept having that vulnerability. (You can think your own part about it. I am not going to rate it here.) I for my self know about this issue for about 5 years. However in CoD4 this vulnerability is hardly possible to exploit at all. Because CoD4 allocates a static heap buffer which can be overflowed. Binary analysing told me that overflowing that heap allocated buffer has no critical effect and so it can not be exploited. What can happen by overflowing it? A function pointer of the command "snd_list" can be overwritten. As it is impossible to pass any arguments on this way and it can work only when you run a listenserver (snd_list is a client command), and the attacker needs rcon execute the command, this is very unrealistic to do any damage ever. On CoDMW2 however this buffer was stack allocated (What I know about only for ca. 3 months) So for CoD4 this patch is actually useless but it is now done anyway in a rushed action as you can see. Most do not even host servers with iw3mp.exe anyway. However CoD4 has another RCE vulnerability which is also not fixed in the latest patch Activision released. This vulnerability is totally unknown to Activision but from even bigger severity. Because this does affect clients. The full automatic installation and execution of CoD4X18 should actually show you how dangerous such a buffer overflow vulnerability is. Servers could actually also give you ransomware instead CoD4X18. Using CoD4X18 does patch all this to me known vulnerabilities and also covers the one Activision patched right now. It is safer to obtain CoD4X18 from this site than joining any server which gives it maybe to you or maybe gives you something else.
  3. well u can patch back to 1.7 and keep it in steam. They will only send out the 1.8 patch if u reinstall the game
  4. This is a new file or the same from your previous post ? What is funny, is Activision is patching COD4 Steam games, but do not deliver patch for CD retail version !! šŸ¤” Shame on them to try to break the game. EDIT : Other thing, because you can't cancel Steam games update and to prevent to come back to 1.6 (even after installing 1.7) you have to copy/paste your full game folder of COD4 outside Steam folder and launch your game with double click on iw3mp.exe or create a shortcut.
  5. Steam seems to have started a campain to kill Cod4x. They have made their own 1.8 patch and force it on all steam users. To be able to Use Cod4X you must use this patch Download -----> Patch 1.7
  6. Modern Warfare (COD4) Steam users may have notised the lastest downgrade in cod4 Steam have downpatch the game from 1.7 to 1.6. 1.6 users wont be able to see or play on 1.7 servers. Steam also wont allow users to manualy pach the game back to 1.7 with the official 1.6-1.7 patch. Solution: if u got your Cod4 downgraded to 1.6 use this iw3mp.exe in the link down below. Paste it inside your cod4 game and replace the old one. This iw3mp.exe is a original file from the 1.7 patch and all that needs tp patch back to 1.7 Download -----> Cod4 1.7 Patch
  7. Welcome To Call Of Duty 4 Club Forum. Feel free to post what ever you think concerns Call Of Duty 4
  8.  

Map Hosting by 4T4Chris

For all your Call of Duty

Map Hosting and Download needs!

Click on the link below

Click Here!

Images for your Site

mubutton.rar

×