247 matches found
AZL-44211 CVE-2015-3310 affecting package ppp for versions less than 2.5.0-1
Buffer overflow in the rcmksid function in plugins/radius/util.c in Paul's PPP Package ppp 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service crash via a start accounting message to the RADIUS server...
DLA-205-1 ppp - security update
Bulletin has no description...
Debian Security Advisory DSA 3228-1 (ppp - security update)
Emanuele Rocca discovered that ppp, a daemon implementing the Point-to-Point Protocol, was subject to a buffer overflow when communicating with a RADIUS server. This would allow unauthenticated users to cause a denial-of-service by crashing the daemon. OpenVAS Vulnerability Test $Id: deb3228.nasl...
PPP: Information disclosure
Background PPP is a Unix implementation of the Point-to-Point Protocol Description Integer overflow is discovered in the getword function in options.c in PPP Impact A local attacker could execute process with extremely long options list, possibly obtaining sensitive information. Workaround There ...
Debian Security Advisory DSA 3079-1 (ppp - security update)
A vulnerability was discovered in ppp, an implementation of the Point-to-Point Protocol: an integer overflow in the routine responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges. OpenVAS Vulnerability Test $Id: deb3079.nasl 6995 2017-08-23...
[SECURITY] Fedora 19 Update: ppp-2.4.5-33.fc19
The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...
Debian DSA-2992-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation : - CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user...
Debian Security Advisory DSA 2992-1 (linux - security update)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation: CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user...
Ubuntu: Security Advisory (USN-2283-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2285-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2290-1: Linux kernel vulnerabilities
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...
USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2281-1)
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...
SEIL Series routers vulnerable to buffer overflow
Overview SEIL Series routers contain a buffer overflow vulnerability. The PPP Access Concentrator PPPAC contained in SEIL Series routers contain a buffer overflow vulnerability when processing PPPoE packets. Impact An attacker may be able to execute arbitrary code. Accoding to the developer, all...
*BSD user-ppp local root (when conditions permit)
// / pppx.conf - Point to Point Protocol a.k.a. user-ppp exploit by sipher / / 2003 / 12 /23 - PRIVATE CODE / / Program terminated with signal 11, Segmentation fault. / / 0 0xbeefdead in ?? / // I just tested this on FreeBSD 6.3. This bug was discovered on NetBSD. It also works on OpenBSD...
Hacker attack and Defense of the PPPoE authentication and use-vulnerability and early warning-the black bar safety net
A Foreword In recent years, Internet data traffic has developed rapidly, broadband users showed explosive growth, the operators in the use of xDSL, LAN, HFC, wireless and other access methods at the same time, in order to build an operable, manageable and profitable broadband network, is very...
FreeBSD-SA-06:18.ppp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:08.ppp Security Advisory The FreeBSD Project Topic: Buffer overflow in sppp4 Category: core Module: sysnet Announced: 2006-08-23 Credits: Martin Husemann, Pave...
ppp: No denial of service vulnerability
Background ppp is a Unix implementation of the Point-to-Point Protocol. Description The pppd server improperly verifies header fields, potentially leading to a crash of the pppd process handling the connection. However, since a separate pppd process handles each ppp connection, this would not...
CVE-2004-0165
Format string vulnerability in Point-to-Point Protocol PPP daemon pppd 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges...