Typespeed: Remote execution of arbitrary code — GLSA 200606-20

A buffer overflow in the network code of Typespeed can lead to the execution of arbitrary code.

Affected packages

games-misc/typespeed on all architectures
Affected versions < 0.5.0
Unaffected versions >= 0.5.0

Background

Typespeed is a game to test and practice 10-finger-typing. Network code allows two users to compete head-to-head.

Description

Niko Tyni discovered a buffer overflow in the addnewword() function of Typespeed's network code.

Impact

By sending specially crafted network packets to a machine running Typespeed in multiplayer mode, a remote attacker can execute arbitrary code with the permissions of the user running the game.

Workaround

Do not run Typespeed in multiplayer mode. There is no known workaround at this time for multiplayer mode.

Resolution

All Typespeed users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=games-misc/typespeed-0.5.0"

References

Release date
June 19, 2006

Latest revision
June 19, 2006: 01

Severity
high

Exploitable
remote

Bugzilla entries