Lucene search
K

134 matches found

OpenVAS
OpenVAS
added 2020/03/12 12:0 a.m.29 views

Fedora: Security Advisory for ppp (FEDORA-2020-4304397fe0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.6AI score0.19431EPSS
Exploits3References2
Fedora
Fedora
added 2020/03/08 12:8 a.m.44 views

[SECURITY] Fedora 30 Update: ppp-2.4.7-34.fc30

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

9.8CVSS3AI score0.19431EPSS
Exploits3
OpenVAS
OpenVAS
added 2020/03/08 12:0 a.m.34 views

Fedora: Security Advisory for ppp (FEDORA-2020-571091c70b)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.6AI score0.19431EPSS
Exploits3References2
CISA
CISA
added 2020/03/05 12:0 a.m.14 views

Point-to-Point Protocol Daemon Vulnerability

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take control of an affected system. Point-to-Point Protocol Daemon is used to establish...

6.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/03/02 5:58 p.m.104 views

USN-4288-2: ppp vulnerability

USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash,...

9.8CVSS8.7AI score0.19431EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/02/28 12:0 a.m.57 views

CentOS 7 : ppp (RHSA-2020:0630)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0630 advisory. - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessus has not...

9.8CVSS8.7AI score0.19431EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/02/28 12:0 a.m.46 views

Oracle Linux 7 : ppp (ELSA-2020-0630)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0630 advisory. 2.4.5-34.0.2 - Userland headers should always appear before kernel - Orabug: 27656836 [email protected] 2.4.5-34 - Fixed buffer overflow in the...

9.8CVSS8.7AI score0.19431EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2020/02/27 3:51 p.m.96 views

Important: Red Hat Security Advisory: ppp security update

An update for ppp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.5AI score0.19431EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2020/02/27 3:46 p.m.146 views

Important: Red Hat Security Advisory: ppp security update

An update for ppp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.5AI score0.19431EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2020/02/27 3:43 p.m.81 views

Important: Red Hat Security Advisory: ppp security update

An update for ppp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.5AI score0.19431EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2020/02/27 3:28 p.m.76 views

Important: Red Hat Security Advisory: ppp security update

An update for ppp is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

9.8CVSS7.5AI score0.19431EPSS
Exploits3References2
OSV
OSV
added 2020/02/27 2:59 p.m.35 views

ALSA-2020:0633 Important: ppp security update

The ppp packages contain the Point-to-Point Protocol PPP daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider ISP or other organization over a modem...

9.8CVSS9.9AI score0.19431EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/02/24 12:0 a.m.37 views

Debian DSA-4632-1 : ppp - security update

Ilja Van Sprundel reported a logic flaw in the Extensible Authentication Protocol EAP packet parser in the Point-to-Point Protocol Daemon pppd. An unauthenticated attacker can take advantage of this flaw to trigger a stack-based buffer overflow, leading to denial of service pppd daemon crash. C...

9.8CVSS8.8AI score0.19431EPSS
Exploits3References6
OpenWrt
OpenWrt
added 2020/02/21 12:0 a.m.118 views

Security Advisory 2020-02-21-1 - ppp buffer overflow vulnerability (CVE-2020-8597)

DESCRIPTION A remotely exploitable vulnerability was found in Point-to-Point Protocol Daemon pppd, which has a significant potential impact due to the possibility of remote code execution prior to authentication. OpenWrt by default enables the FORTIFYSOURCE=1 compiler macro which introduces...

9.8CVSS9.3AI score0.19431EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/02/20 1:37 p.m.104 views

USN-4288-1: ppp vulnerability

It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.6AI score0.19431EPSS
Exploits3
OpenVAS
OpenVAS
added 2020/02/10 12:0 a.m.56 views

Debian: Security Advisory (DLA-2097-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.19431EPSS
Exploits3References3
CNVD
CNVD
added 2020/02/03 12:0 a.m.4 views

PPP Buffer Overflow Vulnerability

PPP is a data link protocol that establishes a direct point-to-point connection. A buffer overflow vulnerability exists in the 'eaprequest' and 'eapresponse ' functions in PPP versions 2.4.2 through 2.4.8. The vulnerability stems from a network system or product performing operations in memory...

9.8CVSS7.3AI score0.19431EPSS
Exploits3References1
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.6 views

The vulnerability in the implementation of ISDN functions in the Cisco IOS XE operating system for Cisco 4000 Series Integrated Services Routers allows a attacker to transmit IPv4 traffic through an unauthenticated ISDN connection for several seconds, from the initial setup of the ISDN connection until a failure in authentication of the PPP connection occurs.

The vulnerability of the Cisco IOS XE operating system’s ISDN function implementation for Cisco 4000 Series Integrated Services Routers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to transmit IPv4 traffic through an unauthenticated...

4.7CVSS5.5AI score0.01425EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/11/06 4:12 p.m.2 views

USN-3810-1 ppp vulnerability

Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication...

9.8CVSS7.2AI score0.01899EPSS
Exploits0References2
CNVD
CNVD
added 2018/06/28 12:0 a.m.5 views

PPPD Integer Overflow Vulnerability

PPPD is a protocol for establishing Internet links over dial-up modems, DSL connections, and other point-to-point links. The EAP-TLS protocol implementation in PPPD suffers from an integer overflow vulnerability that stems from a program's failure to properly perform authentication. An attacker...

9.8CVSS8.5AI score0.01899EPSS
Exploits0References1
Rows per page
Query Builder