Multiple Vulnerabilities in Half-Life

By Thomas McGuire on August 2, 2003, 5:36 AM
PivX Solutions, a leader in Security Research & Responsible Disclosure announces the release of 3 buffer-overflow vulnerability advisories discovered by Luigi Auriemma, a senior security researcher for PivX Solutions, LLC. PivX also has released a free fix called '[url="http://www.pivx.com/preparationv/"]Preparation V[/url]' to reduce the aggravation these bugs can cause & to protect users.

Currently, no fix is available from Valve. PivX & its researchers initially alerted Valve of this problem over 3 months ago on April 14th of 2003 at which time Valve's representatives informed PivX that a patch was in the works. Due to the severity of these vulnerabilities, PivX waited much longer than the industry standard of 30 days for a patch to be created & distributed by the vendor. However, after 100 days & no patch or fix from Valve, despite repeated inquiries, PivX has decided to release these vulnerabilities with their free fix that can be downloaded at [url="http://www.pivx.com/preparationv/"]www.pivx.com/preparationv[/url].

[url="http://www.pivx.com/press_releases/valve_release01.html"]Full advisory here[/url]. Note - This update need only be applied to game servers, not to client machines.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.