CVE-2007-5690

Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://downloads.digium.com/pub/asa/AST-2007-024.html
http://securityreason.com/securityalert/3319
http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf
http://www.securityfocus.com/archive/1/482597/100/0/threaded
http://www.securityfocus.com/archive/1/483481/100/0/threaded
http://www.securityfocus.com/bid/26160
http://www.securitytracker.com/id?1018885
https://exchange.xforce.ibmcloud.com/vulnerabilities/37335

Configurations

Configuration 1 (hide)

cpe:2.3:a:asterisk:zaptel:1.4.5.1:*:*:*:*:*:*:*

History

07 Nov 2023, 02:01

Type	Values Removed	Values Added
Summary	DISPUTED Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed.	Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed

Information

Published : 2007-10-29 19:46

Updated : 2024-08-07 16:15

NVD link : CVE-2007-5690

Mitre link : CVE-2007-5690

CVE.ORG link : CVE-2007-5690

JSON object : View

Products Affected

asterisk

zaptel

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2007-5690", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2007-10-29T19:46:00.000", "references": [{"url": "http://downloads.digium.com/pub/asa/AST-2007-024.html", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3319", "source": "cve@mitre.org"}, {"url": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/482597/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/483481/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26160", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018885", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed"}, {"lang": "es", "value": "** EN DISPUTA ** Desbordamiento de b\u00fafer en sethdlc.c de Asterisk Zaptel versi\u00f3n 1.4.5.1 podr\u00eda permitir a usuarios locales obtener privilegios mediante un nombre de dispositivo largo (nombre de intefaz) en el campo ifr_name. NOTA: el vendedor impugna este asunto, bas\u00e1ndose en que la aplicaci\u00f3n requiere acceso de root, por lo que los limites de privilegios no son cruzados."}], "lastModified": "2024-08-07T16:15:31.080", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:zaptel:1.4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4D62B9C-BCC9-418B-BE37-50B1ECFC8115"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}