New HLDS Exploit has been found

Security Focus have found a new exploit with the HLDS (Half-Life Dedicated server) software.

The affected versions are:

Win32 4.1.1.0 and 4.1.1.0

Linux 3.1.1.0 and 3.1.1.1

    There is a buffer overflow in the Half-Life servers.

    Both the dedicated server and the game server are vulnerable.

    The only limitation in this buffer-overflow is that some bytes can not be used in the shellcode because they are delimiters or otherwise reserved for use by the Half-Life protocol. This puts some minor constraints on the execution of the remote code, but is far from limiting.

    Further, there is a Denial of Service vulnerability that completely freezes the server, entering it into an infinite loop.

For now, there is only an unofficial fix for the Windows HLDS:

Win32 4.1.1.0 fix: https://www.pivx.com/luigi/patches/hlbof-se...er-1110-fix.zip

Win32 4.1.1.1 fix: https://www.pivx.com/luigi/patches/hlbof-se...r-4111a-fix.zip

News source: Security Focus

Report a problem with article
Next Article

BetaPlace Down for Maintenance on Saturday, August 2nd

Previous Article

More trouble coming for Winamp?