134 matches found
Fedora: Security Advisory for ppp (FEDORA-2020-4304397fe0)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: ppp-2.4.7-34.fc30
The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...
Fedora: Security Advisory for ppp (FEDORA-2020-571091c70b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Point-to-Point Protocol Daemon Vulnerability
The CERT Coordination Center CERT/CC has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take control of an affected system. Point-to-Point Protocol Daemon is used to establish...
USN-4288-2: ppp vulnerability
USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash,...
CentOS 7 : ppp (RHSA-2020:0630)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0630 advisory. - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessus has not...
Oracle Linux 7 : ppp (ELSA-2020-0630)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0630 advisory. 2.4.5-34.0.2 - Userland headers should always appear before kernel - Orabug: 27656836 [email protected] 2.4.5-34 - Fixed buffer overflow in the...
Important: Red Hat Security Advisory: ppp security update
An update for ppp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Important: Red Hat Security Advisory: ppp security update
An update for ppp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Important: Red Hat Security Advisory: ppp security update
An update for ppp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Important: Red Hat Security Advisory: ppp security update
An update for ppp is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
ALSA-2020:0633 Important: ppp security update
The ppp packages contain the Point-to-Point Protocol PPP daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider ISP or other organization over a modem...
Debian DSA-4632-1 : ppp - security update
Ilja Van Sprundel reported a logic flaw in the Extensible Authentication Protocol EAP packet parser in the Point-to-Point Protocol Daemon pppd. An unauthenticated attacker can take advantage of this flaw to trigger a stack-based buffer overflow, leading to denial of service pppd daemon crash. C...
Security Advisory 2020-02-21-1 - ppp buffer overflow vulnerability (CVE-2020-8597)
DESCRIPTION A remotely exploitable vulnerability was found in Point-to-Point Protocol Daemon pppd, which has a significant potential impact due to the possibility of remote code execution prior to authentication. OpenWrt by default enables the FORTIFYSOURCE=1 compiler macro which introduces...
USN-4288-1: ppp vulnerability
It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code...
Debian: Security Advisory (DLA-2097-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PPP Buffer Overflow Vulnerability
PPP is a data link protocol that establishes a direct point-to-point connection. A buffer overflow vulnerability exists in the 'eaprequest' and 'eapresponse ' functions in PPP versions 2.4.2 through 2.4.8. The vulnerability stems from a network system or product performing operations in memory...
The vulnerability in the implementation of ISDN functions in the Cisco IOS XE operating system for Cisco 4000 Series Integrated Services Routers allows a attacker to transmit IPv4 traffic through an unauthenticated ISDN connection for several seconds, from the initial setup of the ISDN connection until a failure in authentication of the PPP connection occurs.
The vulnerability of the Cisco IOS XE operating system’s ISDN function implementation for Cisco 4000 Series Integrated Services Routers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to transmit IPv4 traffic through an unauthenticated...
USN-3810-1 ppp vulnerability
Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication...
PPPD Integer Overflow Vulnerability
PPPD is a protocol for establishing Internet links over dial-up modems, DSL connections, and other point-to-point links. The EAP-TLS protocol implementation in PPPD suffers from an integer overflow vulnerability that stems from a program's failure to properly perform authentication. An attacker...