MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt).Referenceshttp://aluigi.altervista.org/adv/mtaboom-adv.txthttp://secunia.com/advisories/16926/http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037384.html
