Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5690


Vulnerability Score 4.6 4.6
CVE Id CVE-2007-5690
Last Modified 05 Sep 2008 05:31:25
Published 29 Oct 2007 03:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed.

Vulnerable Systems


  • Asterisk Zaptel


XF - zaptel-sethdlc-bo(37335)

SECTRACK - 1018885

BID - 26160

BUGTRAQ - 20071108 AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application

BUGTRAQ - 20071020 [ELEYTT] Public Advisory 20-10-2007


SREASON - 3319


Last Updated: 27 May 2016 10:46:14