When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

New HLDS Exploit has been found

Neowin · · Hot! with 1 comment

Security Focus have found a new exploit with the HLDS (Half-Life Dedicated server) software.

The affected versions are:

Win32 4.1.1.0 and 4.1.1.0

Linux 3.1.1.0 and 3.1.1.1

    There is a buffer overflow in the Half-Life servers.

    Both the dedicated server and the game server are vulnerable.

    The only limitation in this buffer-overflow is that some bytes can not be used in the shellcode because they are delimiters or otherwise reserved for use by the Half-Life protocol. This puts some minor constraints on the execution of the remote code, but is far from limiting.

    Further, there is a Denial of Service vulnerability that completely freezes the server, entering it into an infinite loop.

For now, there is only an unofficial fix for the Windows HLDS:

Win32 4.1.1.0 fix: https://www.pivx.com/luigi/patches/hlbof-se...er-1110-fix.zip

Win32 4.1.1.1 fix: https://www.pivx.com/luigi/patches/hlbof-se...r-4111a-fix.zip

News source: Security Focus

Report a problem with article
Next Article

BetaPlace Down for Maintenance on Saturday, August 2nd

Previous Article

More trouble coming for Winamp?

Join the conversation!

Login or Sign Up to read and post a comment.

1 Comment - Add comment