Buffer Overflow Vulnerability in Asterisk Zaptel by Digium
CVE-2007-5690

Currently unrated

Key Information:

Vendor: Asterisk
Status: Zaptel
Vendor: CVE Published:; 29 October 2007

What is CVE-2007-5690?

A buffer overflow vulnerability exists in the sethdlc.c file of Asterisk Zaptel 1.4.5.1, where a long device name in the ifr_name field could potentially allow local users to escalate privileges. However, the vendor contests this claim, asserting that the application requires root access, thus maintaining privilege boundaries. This issue has raised discussions in various security communities and advisory platforms.

References

http://www.securityfocus.com/archive/1/482597/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/37335

vdb-entryx_refsource_XF

http://downloads.digium.com/pub/asa/AST-2007-024.html

x_refsource_MISC

Timeline

Vulnerability published
Oct 29, 2007
Vulnerability Reserved
Oct 29, 2007