Typespeed Local Format String Vulnerability
BID:12569
Info
Typespeed Local Format String Vulnerability
| Bugtraq ID: | 12569 |
| Class: | Input Validation Error |
| CVE: |
CVE-2005-0105 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 16 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | Discovered by Ulf Härnhammar. |
| Vulnerable: |
Typespeed Typespeed 0.4.1 |
| Not Vulnerable: | |
Discussion
Typespeed Local Format String Vulnerability
typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation.
typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation.
Exploit / POC
Typespeed Local Format String Vulnerability
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
Typespeed Local Format String Vulnerability
Solution:
Debian has released an advisory (DSA 684-1) and fixes to address this issue. Please see the referenced advisory for links to fixed packages.
Typespeed Typespeed 0.4.1
Solution:
Debian has released an advisory (DSA 684-1) and fixes to address this issue. Please see the referenced advisory for links to fixed packages.
Typespeed Typespeed 0.4.1
-
Debian typespeed_0.4.1-2.3_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_alpha.deb -
Debian typespeed_0.4.1-2.3_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_arm.deb -
Debian typespeed_0.4.1-2.3_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_hppa.deb -
Debian typespeed_0.4.1-2.3_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_i386.deb -
Debian typespeed_0.4.1-2.3_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_ia64.deb -
Debian typespeed_0.4.1-2.3_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_m68k.deb -
Debian typespeed_0.4.1-2.3_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_mips.deb -
Debian typespeed_0.4.1-2.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_mipsel.deb -
Debian typespeed_0.4.1-2.3_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_powerpc.deb -
Debian typespeed_0.4.1-2.3_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_s390.deb -
Debian typespeed_0.4.1-2.3_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.3_sparc.deb
References
Typespeed Local Format String Vulnerability
References:
References: