CVE-2008-5744

NameCVE-2008-5744
DescriptionArray index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check against the value of lc->sync.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1699-1
NVD severityhigh
Debian Bugs510583

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
zaptelsourceetch1:1.2.11.dfsg-1+etch1DSA-1699-1
zaptelsource(unstable)1:1.4.11~dfsg-3510583

Search for package or bug name: Reporting problems