Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.2
CVE Id CVE-2008-5396
Last Modified 14 May 2009 01:31:36
Published 08 Dec 2008 07:30:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

Summary

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl.

Vulnerable Systems

Application

  • Asterisk Zaptel 1.2
  • Asterisk Zaptel 1.2.27
  • Asterisk Zaptel 1.4
  • Asterisk Zaptel 1.4.11

References

MLIST - [oss-security] 20081203 CVE Request (zaptel)

SECUNIA - 32960

SECUNIA - 32947

CONFIRM - http://bugs.digium.com/view.php?id=13954

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507459


Last Updated: 27 May 2016 10:48:48