TechSpot

Multiple Vulnerabilities in Half-Life

By TS | Thomas
Aug 2, 2003
  1. PivX Solutions, a leader in Security Research & Responsible Disclosure announces the release of 3 buffer-overflow vulnerability advisories discovered by Luigi Auriemma, a senior security researcher for PivX Solutions, LLC. PivX also has released a free fix called 'Preparation V' to reduce the aggravation these bugs can cause & to protect users.

    Currently, no fix is available from Valve. PivX & its researchers initially alerted Valve of this problem over 3 months ago on April 14th of 2003 at which time Valve's representatives informed PivX that a patch was in the works. Due to the severity of these vulnerabilities, PivX waited much longer than the industry standard of 30 days for a patch to be created & distributed by the vendor. However, after 100 days & no patch or fix from Valve, despite repeated inquiries, PivX has decided to release these vulnerabilities with their free fix that can be downloaded at www.pivx.com/preparationv.

    Full advisory here. Note - This update need only be applied to game servers, not to client machines.
     
  2. Hydro

    Hydro TS Rookie

    I only see a patch for the dedicated servers, where is the patch for the clients?
     
  3. TS | Thomas

    TS | Thomas TS Rookie Topic Starter Posts: 1,319

    There isn't one, far as I understand it it can only affect a client playing on a vulnerable server. I've updated the post to mention this though now.
     
  4. Hydro

    Hydro TS Rookie

    Thanks for the update and thanks for posting this fix, I wonder if Sierra will get off there @ss now ;)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...