CVE-2008-5396

NameCVE-2008-5396
DescriptionArray index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1699-1
NVD severityhigh (attack range: local)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
zaptelsource(unstable)1:1.4.11~dfsg-3high
zaptelsourceetch1:1.2.11.dfsg-1+etch1highDSA-1699-1

Search for package or bug name: Reporting problems