Описание
** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed.
** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5690
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37335
- http://downloads.digium.com/pub/asa/AST-2007-024.html
- http://securityreason.com/securityalert/3319
- http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf
- http://www.securityfocus.com/archive/1/482597/100/0/threaded
- http://www.securityfocus.com/archive/1/483481/100/0/threaded
- http://www.securityfocus.com/bid/26160
- http://www.securitytracker.com/id?1018885
Связанные уязвимости
Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed
Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed
Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed
Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allo ...