Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2008 E-Soft Inc.OPENVAS:136141256231057294
HistorySep 04, 2008 - 12:00 a.m.

FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)

2008-09-0400:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
4

7 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

JSON

The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc

# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.57294");
  script_version("2023-07-26T05:05:09+0000");
  script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
  script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
  script_cve_id("CVE-2006-4304");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_name("FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2008 E-Soft Inc.");
  script_family("FreeBSD Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");

  script_tag(name:"insight", value:"The ppp(4) driver implements the Point-to-Point Protocol for using serial
lines (e.g., modems) as network interfaces.

While processing Link Control Protocol (LCP) configuration options received
from the remote host, ppp(4) fails to correctly validate option lengths.
This may result in data being read or written beyond the allocated kernel
memory buffer.");

  script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
  or security branch dated after the correction date.");

  script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:18.ppp.asc");

  script_tag(name:"summary", value:"The remote host is missing an update to the system
  as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc");

  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("pkg-lib-bsd.inc");

vuln = FALSE;

if(patchlevelcmp(rel:"6.1", patchlevel:"4")<0) {
  vuln = TRUE;
}
if(patchlevelcmp(rel:"6.0", patchlevel:"10")<0) {
  vuln = TRUE;
}
if(patchlevelcmp(rel:"5.5", patchlevel:"3")<0) {
  vuln = TRUE;
}
if(patchlevelcmp(rel:"5.4", patchlevel:"17")<0) {
  vuln = TRUE;
}
if(patchlevelcmp(rel:"5.3", patchlevel:"32")<0) {
  vuln = TRUE;
}
if(patchlevelcmp(rel:"4.11", patchlevel:"20")<0) {
  vuln = TRUE;
}

if(vuln) {
  security_message(port:0);
} else if (__pkg_match) {
  exit(99);
}

Related

securityvulns 2
openvas 1
freebsd_advisory 1
ubuntucve 1
cve 1
hackerone 1
freebsd 1
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-06:18.ppp [REVISED]
2006-08-28 00:00:00
FreeBSD Security Advisory FreeBSD-SA-06:18.ppp
2006-08-24 00:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)
2008-09-04 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:18.ppp
2006-08-23 00:00:00
ubuntucve
ubuntucve
CVE-2006-4304
2006-08-24 00:00:00
cve
cve
CVE-2006-4304
2006-08-24 01:04:00
hackerone
hackerone
PlayStation: Remote vulnerabilities in spp
2023-09-22 19:22:45
freebsd
freebsd
sppp -- buffer overflow vulnerability
2006-08-23 00:00:00

7 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

JSON
Related for OPENVAS:136141256231057294
securityvulns2openvas1freebsd_advisory1ubuntucve1cve1hackerone1freebsd1