19 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to access privileged options via a long wo...
Slackware: Security Advisory (SSA:2015-111-11)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0368)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:1088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2019-2399)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2019-2652)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-19
Gentoo Linux Local Security Checks GLSA 201412-19 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
[slackware-security] ppp
New ppp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/ppp-2.4.5-i486-3slack14.1.txz: Rebuilt. Fixed a potential security issue in parsing option files. Fixed remotel...
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : ppp (SSA:2015-111-11)
New ppp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-111-11. The text itself...
Mandriva Linux Security Advisory : ppp (MDVSA-2015:135)
Updated ppp packages fix security vulnerability : A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to access privileged options CVE-2014-3158. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
[SECURITY] [DSA 3079-1] ppp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3079-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 28, 2014 http://www.debian.org/security/faq -...
CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
DEBIAN-CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
CVE-2014-3158
An entry for CVE-2014-3158 concerns pppd (Paul's PPP Package, ppp) before 2.4.7. The root cause is an integer overflow in getword (options.c) that triggers a heap-based buffer overflow, potentially corrupting security-relevant variables. This allows attackers to access privileged options via a lo...
[SECURITY] [DLA 74-1] ppp security update
Package : ppp Version : 2.4.5-4+deb6u1 CVE ID : CVE-2014-3158 Debian Bug : http://bugs.debian.org/762789 This updates fixes a potential integer overflow in option parsing. A user in the group "dip" could provide a specially crafted configuration file of more than 2G and generate an integer...
[ MDVSA-2014:178 ] ppp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:178 http://www.mandriva.com/en/support/security/ Package : ppp Date : September 5, 2014 Affected: Business Server 1.0 Problem Description: Updated ppp packages fix security vulnerability: A vulnerability in...
Updated ppp packages fix a security vulnerability
Updated ppp packages fix security vulnerability: A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to access privileged options CVE-2014-3158...
SuSE 11.3 Security Update : ppp (SAT Patch Number 9648)
This ppp update fixes a potential security issue that an unprivileged attacker could access privileged options : - integer overflow in option parsing CVE-2014-3158, bnc891489 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Fedora 20 : ppp-2.4.5-34.fc20 (2014-9412)
Security fix for CVE-2014-3158 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...