CVE-2007-5690

NameCVE-2007-5690
DescriptionBuffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs448763

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
zaptelsource(unstable)1:1.4.8~dfsg-1unimportant448763

Notes

zaptel does copy argv[1] into ifr_name but zaptel is not suid root or something
similar so this is no security issue in Debian even if sethdl-new will segfault
Search for package or bug name: Reporting problems