PivX Solutions, a leader in Security Research & Responsible Disclosure announces the release of 3 buffer-overflow vulnerability advisories discovered by Luigi Auriemma, a senior security researcher for PivX Solutions, LLC. PivX also has released a free fix called 'Preparation V' to reduce the aggravation these bugs can cause & to protect users.

Currently, no fix is available from Valve. PivX & its researchers initially alerted Valve of this problem over 3 months ago on April 14th of 2003 at which time Valve's representatives informed PivX that a patch was in the works. Due to the severity of these vulnerabilities, PivX waited much longer than the industry standard of 30 days for a patch to be created & distributed by the vendor. However, after 100 days & no patch or fix from Valve, despite repeated inquiries, PivX has decided to release these vulnerabilities with their free fix that can be downloaded at www.pivx.com/preparationv.

Full advisory here. Note - This update need only be applied to game servers, not to client machines.

I only see a patch for the dedicated servers, where is the patch for the clients?

There isn't one, far as I understand it it can only affect a client playing on a vulnerable server. I've updated the post to mention this though now.

Thanks for the update and thanks for posting this fix, I wonder if Sierra will get off there @ss now