Bug#507459: zaptel: insufficient input validation in some zaptel drivers
Florian Weimer
fw at deneb.enyo.de
Wed Dec 3 12:37:17 UTC 2008
* Tzafrir Cohen:
> Impact: local privileges escalation
> Version: all versions (Now fixed in SVN, rev 4588)
> Upstream issue: http://bugs.digium.com/view.php?id=13954
>
> Fix for Etch version: attached dpatch
> Fix for Lenny version: http://svn.debian.org/viewsvn/pkg-voip?rev=6507&view=rev
>
> Some older Zaptel drivers do not apply input validation on the sync
> field from the ioctl ZT_SPANCONFIG . This is sent on /dev/zap/ctl ,
> which in Debian is writable to the group dialout.
Would someone who can test a fixed Debian package please speak up?
Tzafrir, could you do that if we send you packages pre-release?
More information about the Pkg-voip-maintainers
mailing list