Bug#507459: zaptel: insufficient input validation in some zaptel drivers

Florian Weimer fw at deneb.enyo.de
Wed Dec 3 12:37:17 UTC 2008


* Tzafrir Cohen:

> Impact: local privilege escalation
> Version: all versions (Now fixed in SVN, rev 4588)
> Upstream issue: http://bugs.digium.com/view.php?id=13954
>
> Fix for Etch version: attached dpatch
> Fix for Lenny version: http://svn.debian.org/viewsvn/pkg-voip?rev=6507&view=rev
>
> Some older Zaptel drivers do not apply input validation on the sync
> field from the ioctl ZT_SPANCONFIG. This is sent on /dev/zap/ctl,
> which in Debian is writable by the group dialout.

Would someone who can test a fixed Debian package please speak up?

Tzafrir, could you do that if we send you packages pre-release?

More information about the Pkg-voip-maintainers mailing list