Computer Security
[EN] securityvulns.ru no-pyccku


Zaptel privilege escalation
Published:14.01.2009
Source:
SecurityVulns ID:9583
Type:local
Threat Level:
5/10
Description:It's possible to overwrite kernel memory.
Affected:ZAPTEL : Zaptel 1.4
 ZAPTEL : Zaptel 1.2
CVE:CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check against the value of lc->sync.)
 CVE-2008-5396
Original documentdocumentDEBIAN, [SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation (14.01.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod