Wednesday, May 25, 2005

Halo: Combat Evolved Denial of Service Vulnerability

Via Secunia.

Description:
Luigi Auriemma has reported a vulnerability in Halo: Combat Evolved, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the communication handling. This can be exploited to cause a vulnerable service to enter an infinite loop and consume a large amount of CPU resources by sending a specially crafted UDP datagram to the server.

The vulnerability has been reported in version 1.06 and 1.00 (Custom Edition), and prior.

Solution:
The vulnerability will reportedly be fixed in the upcoming 1.07 version.

Host games on a trusted network only.

0 Comments:

Post a Comment

<< Home