CVE-2007-5690

Name	CVE-2007-5690
Description	Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	448763

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
zaptel	source	(unstable)	1:1.4.8~dfsg-1	unimportant		448763

Notes

zaptel does copy argv[1] into ifr_name but zaptel is not suid root or something
similar so this is no security issue in Debian even if sethdl-new will segfault