PivX Solutions, a leader in Security Research & Responsible Disclosure announces the release of 3 buffer-overflow vulnerability advisories discovered by Luigi Auriemma, a senior security researcher for PivX Solutions, LLC. PivX also has released a free fix called 'Preparation V' to reduce the aggravation these bugs can cause & to protect users.
Currently, no fix is available from Valve. PivX & its researchers initially alerted Valve of this problem over 3 months ago on April 14th of 2003 at which time Valve's representatives informed PivX that a patch was in the works. Due to the severity of these vulnerabilities, PivX waited much longer than the industry standard of 30 days for a patch to be created & distributed by the vendor. However, after 100 days & no patch or fix from Valve, despite repeated inquiries, PivX has decided to release these vulnerabilities with their free fix that can be downloaded at www.pivx.com/preparationv.
Full advisory here. Note - This update need only be applied to game servers, not to client machines.