Title: Half-Life HLTV Remote Denial Of Service Vulnerability
Severity: MODERATE
Description:
Half-Life is commercially available game which may be played over a network. HLTV is the Half-Life TV component of the Half-Life Dedicated Server (hlds). It is available for the Linux operating system.
A problem with HLTV could make it possible for a remote user to deny service to legitimate users.
It has been reported that under some circumstances, a remote user may cause the service to crash. By sending a specially crafted packet to the host, the service becomes unstable. The service must be manually restarted to resume normal operation.
The problem is in the handling of specific types of requests from clients. When an HLTV server receives a request of the string '\xff\xff\xff\xff\0' the server crashes. It is not know what impact this has on the operation of the game server.
Versions other than hlds 3.1.1.0 may also be affected.
Affected Products:
- Valve Software Half-Life 1.1.0.0.4 Linux
- Valve Software Half-Life Dedicated Server 3.1.1.0 Linux
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
