Bug#448763: CVE-2007-5690 Buffer overflow in sethdlc.c
nion at debian.org
Wed Oct 31 19:07:53 UTC 2007
* Tzafrir Cohen <tzafrir.cohen at xorcom.com> [2007-10-31 20:03]:
> On Wed, Oct 31, 2007 at 07:44:13PM +0100, Nico Golde wrote:
> > This is not really a security problem in Debian since
> > sethdlc-new is not suid root so it will just segfault.
> > For further information:
> >  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5690
> Note, however, that sethdlc.c does not get installed by default on
> Debian. The issue does seem to affect sethdlc-new.
> In fact, it will not even build on kernels newer than 2.4.20 .
> sethdlc-new is not installed by default in any automated script.
> Looking into this right now.
I haven't checked which binary is created by sethdlc.c I
just assumed it is sethdlc-new and could reproduce this
issue after reading the code with it.
Anyway, this is tagged as "unimportant" in the security
tracker but the strcpy in line 296 sethdlc.c should be
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20071031/9b4a36a3/attachment.pgp
More information about the Pkg-voip-maintainers