60 matches found
Azure Linux 3.0 Security Update: ppp (CVE-2020-8597)
The version of ppp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-8597 advisory. - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse...
MiracleLinux 7 : ppp-2.4.5-34.el7 (AXSA:2020-4481:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4481:01 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from t...
TencentOS Server 3: ppp (TSSA-2022:0071)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0071 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2020-8597 affecting package ppp for versions less than 2.4.7-36
CVE-2020-8597 affecting package ppp for versions less than 2.4.7-36. A patched version of the package is available...
ROS-2-450
2.450 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...
SUSE CVE-2020-8597
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions...
AlmaLinux 8 : ppp (ALSA-2020:0633)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:0633 advisory. - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessus has not...
ROS-2-807
2.807 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...
ROS-2-1225
2.1225 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The...
SUSE SLES11 Security Update : ppp (SUSE-SU-2020:14292-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2020:14292-1 advisory. - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessu...
SUSE: Security Advisory (SUSE-SU-2020:0489-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:14292-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : ppp Vulnerability (NS-SA-2020-0113)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ppp packages installed that are affected by a vulnerability: - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessus has not...
Siemens SCALANCE, RUGGEDCOM
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE, RUGGEDCOM Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthenticated access...
Important: ppp
Issue Overview: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions.CVE-2020-8597 Affected Packages: ppp Issue Correction: Run yum update ppp or yum update --advisory ALAS-2020-1371 to update your system. New Packages: i686: ...
CVE-2020-8597
A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2020-1319)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : ppp (EulerOS-SA-2020-1294)
According to the version of the ppp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions.CVE-2020-8597 Note that Tenable...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2020-1294)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
pppd 2.4.8 Buffer Overflow Exploit
Exploit Title: Point to Point Protocol Daemon versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow - remote Author: nu11secur1ty Date: 2020-03-18 Vendor: Point to Point Protocol Daemon Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-8597 CVE:...