Debian: typespeed buffer overflow vulnerability

    Date17 Jun 2003
    CategoryDebian
    1970
    Posted ByLinuxSecurity Advisories
    The network code contains a buffer overflow which could allow a remote attacker toexecute arbitrary code under the privileges of the user invoking typespeed, in addition to gid games.
    
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 322-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Matt Zimmerman
    June 16th, 2003                           http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : typespeed
    Vulnerability  : buffer overflow
    Problem-Type   : remote
    Debian-specific: no
    CVE Id         : CAN-2003-0435
    
    typespeed is a game which challenges the player to type words
    correctly and quickly.  It contains a network play mode which allows
    players on different systems to play competitively.  The network code
    contains a buffer overflow which could allow a remote attacker to
    execute arbitrary code under the privileges of the user invoking
    typespeed, in addition to gid games.
    
    For the stable distribution (woody) this problem has been fixed in
    version 0.4.1-2.2.
    
    For the old stable distribution (potato) this problem has been fixed
    in version 0.4.0-5.2.
    
    For the unstable distribution (sid) this problem will be fixed soon.
    
    We recommend that you update your typespeed package.
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2.dsc
          Size/MD5 checksum:      575 767dd2e18754d28aa6358088e28c4093
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2.diff.gz
          Size/MD5 checksum:     6972 0c9ccfdb4de0d590c2564dc7234890c3
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0.orig.tar.gz
          Size/MD5 checksum:    33037 587b3ca15b32142d24bd452881c64dd1
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2_alpha.deb
          Size/MD5 checksum:    40806 9e3294ddcf9a1cd50ab22f68bc70398f
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2_arm.deb
          Size/MD5 checksum:    34768 9f2e9f3a5816625f285a77a6af4d7cba
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2_i386.deb
          Size/MD5 checksum:    34342 11e219001c13f46d83692e5af4c2297e
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2_m68k.deb
          Size/MD5 checksum:    33564 cd348d47dac0b37a9d0a5b7a44f2d694
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2_powerpc.deb
          Size/MD5 checksum:    37066 c1b7f3e5609290a609093b7ac7484cdf
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.0-5.2_sparc.deb
          Size/MD5 checksum:    39186 e62aa0e652a33f178b2605036e48fd94
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2.dsc
          Size/MD5 checksum:      575 024a4d1ab64016f9eba9e4044650648d
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2.diff.gz
          Size/MD5 checksum:     8355 6dfd0374cbf59287711d6a906db6d9ff
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1.orig.tar.gz
          Size/MD5 checksum:    35492 0af9809cd20bd9010732ced930090f32
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_alpha.deb
          Size/MD5 checksum:    44396 0369a05fe541e5a971fa2c3a51241fce
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_arm.deb
          Size/MD5 checksum:    39072 646893ab59053e1f917ff07bcfd0959b
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_i386.deb
          Size/MD5 checksum:    38778 fed120a0eb74f05b64aa3605b893f1aa
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_ia64.deb
          Size/MD5 checksum:    50038 7ab9b9c6c4dd8137dd081166d6e665cf
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_hppa.deb
          Size/MD5 checksum:    41976 798a5e04cd5f0fb389f0b6f5588104c0
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_m68k.deb
          Size/MD5 checksum:    37472 1629b0912b07469909daa6ed168799f6
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_mips.deb
          Size/MD5 checksum:    41132 f92ab74c13116dd5e72cd8c8472b8291
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_mipsel.deb
          Size/MD5 checksum:    41152 c2232aba2146b647d98ac86ef12110ea
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_powerpc.deb
          Size/MD5 checksum:    41324 2937d98be2af68983b8f529f38e6f832
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_s390.deb
          Size/MD5 checksum:    38932 a070a445396df2f7a615a16500f49e65
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/t/typespeed/typespeed_0.4.1-2.2_sparc.deb
          Size/MD5 checksum:    43040 5292c53c201b105265b1a9addb031d7f
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"65","type":"x","order":"1","pct":57.52,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.27,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.2,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.