VULHUB ™

Half-Life is a popular game distributed and maintained by Valve Software. It includes features that allow users to game locally, or in distributed network environments. A buffer overflow has been discovered in the Half-Life client that could allow the execution of arbitrary code. When the /Connect command is supplied with an argument of 128 bytes of data, a buffer overflow occurs. This is compounded by the fact that utilities such as Admin-Mod can execute the /Connect command locally on clients. This could allow a malicious Half-Life server to execute arbitrary code, and potentially give access to a system with the privileges of the user of the Half-Life client.

Half-Life is a popular game distributed and maintained by Valve Software. It includes features that allow users to game locally, or in distributed network environments. A buffer overflow has been discovered in the Half-Life client that could allow the execution of arbitrary code. When the /Connect command is supplied with an argument of 128 bytes of data, a buffer overflow occurs. This is compounded by the fact that utilities such as Admin-Mod can execute the /Connect command locally on clients. This could allow a malicious Half-Life server to execute arbitrary code, and potentially give access to a system with the privileges of the user of the Half-Life client.