Lucene search
Redhat.comRH:CVE-2018-11574HistoryJun 12, 2018 - 4:51 a.m.
CVE-2018-11574
2018-06-1204:51:28
redhat.com
access.redhat.com
12
EPSS
0.002
Percentile
58.7%
Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the refuse-app option are unaffected.
Mitigation
PPP instances must be configured for EAP-TLS authentication to expose this vulnerability. For ppp servers, the file /etc/ppp/eaptls-server' must exist. For clients, either /etc/ppp/eaptls-clientmust exist or command-line optionsca, certandkey` must be provided.
Related
nessus
nessus
Fedora 28 : ppp (2018-aed26fc705)
2019-01-03 00:00:00
EulerOS 2.0 SP2 : ppp (EulerOS-SA-2020-2387)
2020-11-03 00:00:00
Fedora 27 : ppp (2018-b99d43ee9b)
2018-06-29 00:00:00
nvd
nvd
CVE-2018-11574
2018-06-14 20:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: ppp-2.4.7-22.fc28
2018-06-20 01:57:20
[SECURITY] Fedora 27 Update: ppp-2.4.7-14.fc27
2018-06-28 13:35:13
cvelist
cvelist
CVE-2018-11574
2018-06-14 20:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2021-1834)
2021-05-03 00:00:00
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2020-2387)
2020-11-04 00:00:00
Fedora Update for ppp FEDORA-2018-b99d43ee9b
2018-06-29 00:00:00
ubuntu
ubuntu
ppp vulnerability
2018-11-06 00:00:00
osv
osv
CVE-2018-11574
2018-06-14 20:29:00
ubuntucve
ubuntucve
CVE-2018-11574
2018-06-14 00:00:00
debiancve
debiancve
CVE-2018-11574
2018-06-14 20:29:00
cve
cve
CVE-2018-11574
2018-06-14 20:29:00
prion
prion
Integer overflow
2018-06-14 20:29:00