Please make sure your server has updated patch binaries.
Get patch_ver.dll from your box, and check it with Version Checker.
Current, fixed version number is 1.002
ANOTHER IMPORTANT THING
This kind of attack allowed cheater to get ClientAdmin access, check your admins.ini if there aren't any modifications. Also check your RCon password.
I'm not sure which access priviledges he can get, but it's safe if you change your RCon password and check if there isn't any new admin added in admins.ini
It was partialy caused by a bug in the patch. It's fixed with latest update.
If you want to force update, set 2010 year in update_reborn.txt file.
On next map change, server should detect new update and on second map change it should start updating.
If it doesn't, or you have problems with it, and your patch_ver.dll still shows 1.001, then let me know and I'll post binaries for you, here in this thread.
ABOUT ATTACK ITSELF
It's a Buffer Overflow attack, that is sent with the use of MoHAA internal command (not a command like lod_spawn etc.), so it needed deeper engine modifications. It allows attacker to get ClientAdmin priviledges and to crash server.
Linux servers were only partially vulnerable (attacker can get admin access but can't crash server), but everything is fixed in new release.
-------------------------------------------------------
UPDATE !!
There was a small bug that caused patch to crash when someone tried to log in as admin.
To fix this you can do 2 things:
1. Restore old files from Update/old_backup folder or install patch again from download link and allow it to update again
2. Download manual small update from links below:
Windows:
http://www.x-null.net/MOH/manual_upd...ex86BOFFix.zip
Linux:
http://www.x-null.net/MOH/manual_upd...serinfoFix.zip