CVE-2007-1217

NameCVE-2007-1217
DescriptionBuffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs408530, 411293, 411294

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
isdnutils (PTS)buster1:3.25+dfsg1-10fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
asterisk-chan-capisource(unstable)0.7.1-1.1unimportant411293
isdnutilssource(unstable)1:3.9.20060704-3low408530
linux-2.6source(unstable)2.6.21-1unimportant411294

Notes

[sarge] - isdnutils <no-dsa> (Not exploitable over ISDN network)
Not exploitable over ISDN network, only theoretically through a dedicated CAPI server
Search for package or bug name: Reporting problems