Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tenes_empanadas_graciela | Teg | 0.11.1 (including) | 0.11.1 (including) |
| Teg | Ubuntu | dapper | * |
| Teg | Ubuntu | devel | * |
| Teg | Ubuntu | edgy | * |
| Teg | Ubuntu | feisty | * |
| Teg | Ubuntu | gutsy | * |
| Teg | Ubuntu | hardy | * |
| Teg | Ubuntu | intrepid | * |
| Teg | Ubuntu | jaunty | * |
| Teg | Ubuntu | karmic | * |
References
- http://aluigi.altervista.org/adv/tegob1-adv.txt
- http://secunia.com/advisories/19134
- http://www.securityfocus.com/bid/16982
- http://www.vupen.com/english/advisories/2006/0846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25165
- http://aluigi.altervista.org/adv/tegob1-adv.txt
- http://secunia.com/advisories/19134
- http://www.securityfocus.com/bid/16982
- http://www.vupen.com/english/advisories/2006/0846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25165