Slashdot Mirror

← Back to Stories (view on slashdot.org)

Half-Life Vulnerabilities Exposed, Patched

Posted by simoniker on from the publicized-then-fixed dept.

AEton writes "PivX Solutions revealed in a press release three apparently new vulnerabilities in Half-Life and its related mods (such as Counter-Strike and Day of Defeat). Security researcher Auriemma Luigi discovered the flaws, reported them to Valve, and waited over three months for an official response before releasing an unofficial patch to correct the issues. Details on each of the vulnerabilities and sample code are linked to in the press release. (The third one looks kind of flaky, but the buffer overflows seem real.)" Thanks to an anonymous reader for pointing out Valve have now released a dedicated Windows server patch and dedicated Linux server patch (links via Fileshack) which seem to fix the issues.

2 of 36 comments (clear)

  1. Actually Valve's already patched this (yesterday) by Pvt_Waldo · · Score: 0, Redundant
    Email from Eric Smith @ Valve...


    We've already released an update to fix this (yesterday).


    -Eric

  2. Re:3 months? Who cares? by psxndc · · Score: 0, Redundant
    HOLY FUCKING SHIT! What's up PK? [WoB]Abaddon here. What have you been up to?

    -psxndc

    --

    The emacs religion: to be saved, control excess.