Bug#507459: zaptel: insufficient input validation in some zaptel drivers
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Wed Dec 3 13:05:46 UTC 2008
On Wed, Dec 03, 2008 at 01:37:17PM +0100, Florian Weimer wrote:
> * Tzafrir Cohen:
>
> > Impact: local privileges escalation
> > Version: all versions (Now fixed in SVN, rev 4588)
> > Upstream issue: http://bugs.digium.com/view.php?id=13954
> >
> > Fix for Etch version: attached dpatch
> > Fix for Lenny version: http://svn.debian.org/viewsvn/pkg-voip?rev=6507&view=rev
> >
> > Some older Zaptel drivers do not apply input validation on the sync
> > field from the ioctl ZT_SPANCONFIG. This is sent on /dev/zap/ctl,
> > which in Debian is writable to the group dialout.
>
> Would someone who can test a fixed Debian package please speak up?
>
> Tzafrir, could you do that if we send you packages pre-release?
I don't have that specific hardware. I can test it on hardware I do
have to show it didn't break anything.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir