MaydaX Posted May 23, 2006 Share Posted May 23, 2006 A serious security (buffer overrun) flaw involving PunkBuster was recently discovered and reported. This flaw affects the optional WebTool component of PunkBuster servers on all platforms and for all supported games. This flaw does not affect game players (the PunkBuster Client) nor default installations of the PunkBuster Server, only PB Server installations where the server admin configured the use of the pb_sv_httpPort setting. An attacker with knowledge of the flaw can exploit it by crashing the game server at will. New PB Server Version v1.229 which addresses the flaw began going out for all supported games via our auto-update system within a few hours of the report. Any and all PB Server admins who use the WebTool are strongly encouraged to verify that they are running version v1.229 or higher of the PB Server on all of their servers that have PunkBuster enabled. Thanks to Luigi Auriemma for discovering the vulnerability and reporting it to us in a professional manner. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.