Typespeed Remote Buffer Overflow Vulnerability
BID:18194
Info
Typespeed Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 18194 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-1515 |
| Remote: | Yes |
| Local: | No |
| Published: | May 31 2006 12:00AM |
| Updated: | Nov 28 2006 05:35PM |
| Credit: | Discovered by Niko Tyni. |
| Vulnerable: |
Typespeed Typespeed 0.4.4 Typespeed Typespeed 0.4.1 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia-64 Debian Linux 3.0 ia-32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 |
| Not Vulnerable: | |
Discussion
Typespeed Remote Buffer Overflow Vulnerability
Typespeed is susceptible to a remote buffer-overflow vulnerability. This issue is due to a failure in the application to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
This issue allows remote attackers to execute arbitrary machine code in the context of affected applications, aiding them in the compromise of affected computers.
Typespeed versions 0.4.1 and 0.4.4 are vulnerable to this issue; other versions may also be affected.
Typespeed is susceptible to a remote buffer-overflow vulnerability. This issue is due to a failure in the application to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
This issue allows remote attackers to execute arbitrary machine code in the context of affected applications, aiding them in the compromise of affected computers.
Typespeed versions 0.4.1 and 0.4.4 are vulnerable to this issue; other versions may also be affected.
Exploit / POC
Typespeed Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Typespeed Remote Buffer Overflow Vulnerability
Solution:
Please see the referenced third-party advisories for further information on obtaining and applying fixes.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected].
Typespeed Typespeed 0.4.1
Typespeed Typespeed 0.4.4
Solution:
Please see the referenced third-party advisories for further information on obtaining and applying fixes.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected].
Typespeed Typespeed 0.4.1
-
Debian typespeed_0.4.1-2.4_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_alpha.deb -
Debian typespeed_0.4.1-2.4_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_arm.deb -
Debian typespeed_0.4.1-2.4_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_hppa.deb -
Debian typespeed_0.4.1-2.4_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_i386.deb -
Debian typespeed_0.4.1-2.4_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_ia64.deb -
Debian typespeed_0.4.1-2.4_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_m68k.deb -
Debian typespeed_0.4.1-2.4_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_mips.deb -
Debian typespeed_0.4.1-2.4_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_mipsel.deb -
Debian typespeed_0.4.1-2.4_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_powerpc.deb -
Debian typespeed_0.4.1-2.4_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_s390.deb -
Debian typespeed_0.4.1-2.4_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .1-2.4_sparc.deb
Typespeed Typespeed 0.4.4
-
Debian typespeed_0.4.4-8sarge1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_alpha.deb -
Debian typespeed_0.4.4-8sarge1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_amd64.deb -
Debian typespeed_0.4.4-8sarge1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_arm.deb -
Debian typespeed_0.4.4-8sarge1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_hppa.deb -
Debian typespeed_0.4.4-8sarge1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_i386.deb -
Debian typespeed_0.4.4-8sarge1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_ia64.deb -
Debian typespeed_0.4.4-8sarge1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_m68k.deb -
Debian typespeed_0.4.4-8sarge1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_mips.deb -
Debian typespeed_0.4.4-8sarge1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_mipsel.deb -
Debian typespeed_0.4.4-8sarge1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_powerpc.deb -
Debian typespeed_0.4.4-8sarge1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_s390.deb -
Debian typespeed_0.4.4-8sarge1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4 .4-8sarge1_sparc.deb