Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-5744

EPSS 0.03% · P10
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-5744

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check against the value of lc->sync.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
zaptel多个驱动数组索引漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
zaptel软件包是用于配置Zapata电话内核驱动的用户工具。 由于对ZT_SPANCONFIG ioctl相关的sync字段缺少检查,导致Zaptel中的torisa.c驱动的torisa_spanconfig()函数和dahdi/tor2.c驱动的tor2_spanconfig()函数存在数组索引错误。dialout组中的本地用户可以通过写入/dev/zap/ctl覆盖内核内存中的整数值,导致拒绝服务或获得权限提升。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-5744

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-5744

登录查看更多情报信息。

Same Patch Batch · n/a · 2008-12-26 · 27 CVEs total

CVE-2008-5722SAWStudio .prf文件解析缓冲区溢出漏洞
CVE-2008-5734Merak Mail Server邮件消息HTML注入漏洞
CVE-2008-5733PHP-Fusion SQL注入漏洞
CVE-2008-5732BLOG 'image_upload.php' 任意文件上传漏洞
CVE-2008-5731PGP Desktop PGPweded.sys驱动本地拒绝服务漏洞
CVE-2008-5730AIST Netcat CRLF注入漏洞
CVE-2008-5729AIST Netcat多参数跨站攻击漏洞
CVE-2008-5728AIST Netcat 多文件参数目录遍历漏洞
CVE-2008-5727AIST NetCat 'password_recovery.php' SQL注入漏洞
CVE-2008-5726stormBoards 'thread.php' SQL注入漏洞
CVE-2008-5725PowerStrip pstrip.sys驱动本地权限提升漏洞
CVE-2008-5724ESET Smart Security epfw.sys驱动本地内核权限提升漏洞
CVE-2008-5723CGI RESCUE MiniBBS2000 未明目录遍历漏洞
CVE-2008-5743PDFjam 多个不安全临时文件创建漏洞
CVE-2008-5721SapporoWorks BlackJumboDog Web Server 未明权限绕过漏洞
CVE-2008-5720Mayaa Default Error Page 跨站脚本攻击漏洞
CVE-2008-5719Groupmax Workflow Development Kit for Active Server Pages 跨站脚本攻击漏洞
CVE-2008-5718Netatalk打印请求任意代码注入漏洞
CVE-2008-5717Hitachi JP1/Integrated Management - Service Support 未明跨站脚本攻击漏洞
CVE-2008-5739Pligg 'check_url.php' SQL注入漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-5744

No comments yet

Leave a comment