pppd versions 2.4.2 through 2.4.8 buffer overflow exploit.
10a6602a635fe00eda73adff8cbfa55b1f8d3d56c298fa18edcd1caf80413f7aGentoo Linux Security Advisory 202003-19 - A buffer overflow in PPP might allow a remote attacker to execute arbitrary code. Versions less than 2.4.8 are affected.
80174c3893bedd6ad1939f6f5b3977e8ba45217f20da8f64d32aa6884f58f63fProof of concept crash exploit for pppd versions 2.4.2 through 2.4.8. It leverages a rhostname buffer overflow in the eap_request and eap_response functions in eap.c.
5f3f031504ced5c6e33a19ffcc5762feb18c6704650c050b6b15df49d8a9357dUbuntu Security Notice 4288-2 - USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
c28c6cad6c0a312541d70136b3a316727d572cc4a6195317d8845fa0feae034dDebian Linux Security Advisory 4632-1 - Ilja Van Sprundel reported a logic flaw in the Extensible Authentication Protocol (EAP) packet parser in the Point-to-Point Protocol Daemon (pppd). An unauthenticated attacker can take advantage of this flaw to trigger a stack-based buffer overflow, leading to denial of service (pppd daemon crash).
f77ed94eb241b6463d1cc0108850a4ac7b647e3bae13cb583969676d3ec8590eRed Hat Security Advisory 2020-0634-01 - The ppp packages contain the Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider or other organization over a modem and phone line. Issues addressed include a buffer overflow vulnerability.
1df0fe2f62df4d444ccb819d6f143597bfefdd169e1acff37c0f800b7b226dfaRed Hat Security Advisory 2020-0631-01 - The ppp packages contain the Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider or other organization over a modem and phone line. Issues addressed include a buffer overflow vulnerability.
c5410a2d83277b036adeed661972863aa4373b96185f77a076d89b7b279a5b7aRed Hat Security Advisory 2020-0633-01 - The ppp packages contain the Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider or other organization over a modem and phone line. Issues addressed include a buffer overflow vulnerability.
1bebc5e30b3d0310766cb8db3fea8a04df5a03923396e89d78272b83466ce1deRed Hat Security Advisory 2020-0630-01 - The ppp packages contain the Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider or other organization over a modem and phone line. Issues addressed include a buffer overflow vulnerability.
2cafd3c642092b4ba0ba572a8f7bad662501dca79332e06a608bd62708e0a721Ubuntu Security Notice 4288-1 - It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.
eb07457d63a9c9ab5e89ea43cf02a775350f7f4106be07bf3ab89630abce1e73
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed