4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
Emanuele Rocca discovered that ppp, a daemon implementing the
Point-to-Point Protocol, was subject to a buffer overflow when
communicating with a RADIUS server. This would allow unauthenticated
users to cause a denial-of-service by crashing the daemon.
For the stable distribution (wheezy), this problem has been fixed in
version 2.4.5-5.1+deb7u2.
For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version 2.4.6-3.1.
We recommend that you upgrade your ppp packages.
CPE | Name | Operator | Version |
---|---|---|---|
ppp | eq | 2.4.5-5.1+deb7u1 | |
ppp | eq | 2.4.5-5.1 |