Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tinymux | Tinymux | 2.4 (including) | 2.4 (including) |
| Tinymux | Ubuntu | dapper | * |
| Tinymux | Ubuntu | devel | * |
| Tinymux | Ubuntu | edgy | * |
| Tinymux | Ubuntu | feisty | * |
| Tinymux | Ubuntu | gutsy | * |
| Tinymux | Ubuntu | hardy | * |
| Tinymux | Ubuntu | intrepid | * |
| Tinymux | Ubuntu | jaunty | * |
| Tinymux | Ubuntu | karmic | * |
References
- http://code.google.com/p/tinymux/issues/detail?id=282\u0026can=2\u0026q=
- http://osvdb.org/34686
- http://secunia.com/advisories/24733
- http://secunia.com/advisories/25784
- http://www.debian.org/security/2007/dsa-1317
- http://www.securityfocus.com/bid/23292
- http://www.tinymux.org/changes.txt
- http://www.vupen.com/english/advisories/2007/1213
- http://code.google.com/p/tinymux/issues/detail?id=282\u0026can=2\u0026q=
- http://osvdb.org/34686
- http://secunia.com/advisories/24733
- http://secunia.com/advisories/25784
- http://www.debian.org/security/2007/dsa-1317
- http://www.securityfocus.com/bid/23292
- http://www.tinymux.org/changes.txt
- http://www.vupen.com/english/advisories/2007/1213