Lucene search
K

247 matches found

OSV
OSV
added 2015/04/24 2:59 p.m.6 views

AZL-44211 CVE-2015-3310 affecting package ppp for versions less than 2.5.0-1

Buffer overflow in the rcmksid function in plugins/radius/util.c in Paul's PPP Package ppp 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service crash via a start accounting message to the RADIUS server...

4.3CVSS7.5AI score0.05444EPSS
Exploits0References1
OSV
OSV
added 2015/04/19 12:0 a.m.21 views

DLA-205-1 ppp - security update

Bulletin has no description...

4.3CVSS9.3AI score0.05444EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/04/16 12:0 a.m.60 views

Debian Security Advisory DSA 3228-1 (ppp - security update)

Emanuele Rocca discovered that ppp, a daemon implementing the Point-to-Point Protocol, was subject to a buffer overflow when communicating with a RADIUS server. This would allow unauthenticated users to cause a denial-of-service by crashing the daemon. OpenVAS Vulnerability Test $Id: deb3228.nasl...

4.3CVSS9.3AI score0.05444EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.32 views

PPP: Information disclosure

Background PPP is a Unix implementation of the Point-to-Point Protocol Description Integer overflow is discovered in the getword function in options.c in PPP Impact A local attacker could execute process with extremely long options list, possibly obtaining sensitive information. Workaround There ...

7.5CVSS9.2AI score0.03502EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/11/28 12:0 a.m.21 views

Debian Security Advisory DSA 3079-1 (ppp - security update)

A vulnerability was discovered in ppp, an implementation of the Point-to-Point Protocol: an integer overflow in the routine responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges. OpenVAS Vulnerability Test $Id: deb3079.nasl 6995 2017-08-23...

7.5CVSS1.2AI score0.03502EPSS
Exploits0References1
Fedora
Fedora
added 2014/08/30 3:52 a.m.27 views

[SECURITY] Fedora 19 Update: ppp-2.4.5-33.fc19

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

7.5CVSS3AI score0.03502EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/30 12:0 a.m.77 views

Debian DSA-2992-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation : - CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user...

7.2CVSS6.6AI score0.05926EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2014/07/29 12:0 a.m.56 views

Debian Security Advisory DSA 2992-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation: CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user...

7.2CVSS1AI score0.05926EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-2283-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.1AI score0.02103EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.51 views

Ubuntu: Security Advisory (USN-2285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.2AI score0.03303EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.45 views

Ubuntu: Security Advisory (USN-2290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.5AI score0.08103EPSS
Exploits11References2
Ubuntu
Ubuntu
added 2014/07/17 1:33 a.m.93 views

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

6.9CVSS7.1AI score0.08103EPSS
Exploits11
Ubuntu
Ubuntu
added 2014/07/17 1:0 a.m.114 views

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

6.9CVSS7.1AI score0.08103EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2014/07/17 12:0 a.m.38 views

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2281-1)

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...

7.5CVSS7AI score0.05421EPSS
Exploits6References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/02/28 8:17 a.m.2 views

SEIL Series routers vulnerable to buffer overflow

Overview SEIL Series routers contain a buffer overflow vulnerability. The PPP Access Concentrator PPPAC contained in SEIL Series routers contain a buffer overflow vulnerability when processing PPPoE packets. Impact An attacker may be able to execute arbitrary code. Accoding to the developer, all...

8.3CVSS7.6AI score0.02608EPSS
Exploits0References9
securityvulns
securityvulns
added 2008/03/04 12:0 a.m.39 views

*BSD user-ppp local root (when conditions permit)

// / pppx.conf - Point to Point Protocol a.k.a. user-ppp exploit by sipher / / 2003 / 12 /23 - PRIVATE CODE / / Program terminated with signal 11, Segmentation fault. / / 0 0xbeefdead in ?? / // I just tested this on FreeBSD 6.3. This bug was discovered on NetBSD. It also works on OpenBSD...

1AI score
Exploits0
myhack58
myhack58
added 2006/12/10 12:0 a.m.1364 views

Hacker attack and Defense of the PPPoE authentication and use-vulnerability and early warning-the black bar safety net

A Foreword In recent years, Internet data traffic has developed rapidly, broadband users showed explosive growth, the operators in the use of xDSL, LAN, HFC, wireless and other access methods at the same time, in order to build an operable, manageable and profitable broadband network, is very...

0.2AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2006/08/23 12:0 a.m.14 views

FreeBSD-SA-06:18.ppp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:08.ppp Security Advisory The FreeBSD Project Topic: Buffer overflow in sppp4 Category: core Module: sysnet Announced: 2006-08-23 Credits: Martin Husemann, Pave...

10CVSS5.9AI score0.11319EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/11/01 12:0 a.m.15 views

ppp: No denial of service vulnerability

Background ppp is a Unix implementation of the Point-to-Point Protocol. Description The pppd server improperly verifies header fields, potentially leading to a crash of the pppd process handling the connection. However, since a separate pppd process handles each ppp connection, this would not...

0.9AI score
Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.26 views

CVE-2004-0165

Format string vulnerability in Point-to-Point Protocol PPP daemon pppd 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges...

7.2AI score0.03807EPSS
Exploits1References6
Rows per page
Query Builder