CVE-2007-5690 - OpenCVE

Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Asterisk	Zaptel

Configuration 1 [-]

cpe:2.3:a:asterisk:zaptel:1.4.5.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://downloads.digium.com/pub/asa/AST-2007-024.html
http://securityreason.com/securityalert/3319
http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf
http://www.securityfocus.com/archive/1/482597/100/0/threaded
http://www.securityfocus.com/archive/1/483481/100/0/threaded
http://www.securityfocus.com/bid/26160
http://www.securitytracker.com/id?1018885
https://exchange.xforce.ibmcloud.com/vulnerabilities/37335
https://nvd.nist.gov/vuln/detail/CVE-2007-5690
https://www.cve.org/CVERecord?id=CVE-2007-5690

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-29T19:00:00

Updated: 2024-08-07T15:39:13.605Z

Reserved: 2007-10-29T00:00:00

Link: CVE-2007-5690

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-10-29T19:46:00.000

Modified: 2024-08-07T16:15:31.080

Link: CVE-2007-5690

Redhat

Severity :

Publid Date: 2007-10-20T00:00:00Z

Links: CVE-2007-5690 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-20T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20071020 [ELEYTT] Public Advisory 20-10-2007", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/482597/100/0/threaded"}, {"name": "zaptel-sethdlc-bo(37335)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335"}, {"tags": ["x_refsource_MISC"], "url": "http://downloads.digium.com/pub/asa/AST-2007-024.html"}, {"name": "20071108 AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483481/100/0/threaded"}, {"name": "26160", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26160"}, {"name": "1018885", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018885"}, {"tags": ["x_refsource_MISC"], "url": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf"}, {"name": "3319", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3319"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5690", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20071020 [ELEYTT] Public Advisory 20-10-2007", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/482597/100/0/threaded"}, {"name": "zaptel-sethdlc-bo(37335)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335"}, {"name": "http://downloads.digium.com/pub/asa/AST-2007-024.html", "refsource": "MISC", "url": "http://downloads.digium.com/pub/asa/AST-2007-024.html"}, {"name": "20071108 AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483481/100/0/threaded"}, {"name": "26160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26160"}, {"name": "1018885", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018885"}, {"name": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf", "refsource": "MISC", "url": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf"}, {"name": "3319", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3319"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:39:13.605Z"}, "title": "CVE Program Container", "references": [{"name": "20071020 [ELEYTT] Public Advisory 20-10-2007", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/482597/100/0/threaded"}, {"name": "zaptel-sethdlc-bo(37335)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://downloads.digium.com/pub/asa/AST-2007-024.html"}, {"name": "20071108 AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483481/100/0/threaded"}, {"name": "26160", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26160"}, {"name": "1018885", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018885"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf"}, {"name": "3319", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3319"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5690", "datePublished": "2007-10-29T19:00:00", "dateReserved": "2007-10-29T00:00:00", "dateUpdated": "2024-08-07T15:39:13.605Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:zaptel:1.4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D62B9C-BCC9-418B-BE37-50B1ECFC8115", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed"}, {"lang": "es", "value": "** EN DISPUTA ** Desbordamiento de b\u00fafer en sethdlc.c de Asterisk Zaptel versi\u00f3n 1.4.5.1 podr\u00eda permitir a usuarios locales obtener privilegios mediante un nombre de dispositivo largo (nombre de intefaz) en el campo ifr_name. NOTA: el vendedor impugna este asunto, bas\u00e1ndose en que la aplicaci\u00f3n requiere acceso de root, por lo que los limites de privilegios no son cruzados."}], "id": "CVE-2007-5690", "lastModified": "2024-08-07T16:15:31.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-29T19:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://downloads.digium.com/pub/asa/AST-2007-024.html"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3319"}, {"source": "cve@mitre.org", "url": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/482597/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483481/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26160"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018885"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}