12 matches found
MiracleLinux 4 : ppp-2.4.5-11.AXS4 (AXSA:2020-4482:02)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4482:02 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from t...
EUVD-2008-2436
Malware in sbrugna...
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
...
Exploit for Classic Buffer Overflow in Point-To-Point_Protocol_Project Point-To-Point_Protocol
PoC exploit for CVE-2020-8597, a buffer overflow vulnerability in the eap.c file of the pppd daemon in ppp versions 2.4.2 through 2.4.8. The vulnerability allows for a buffer overflow in the eaprequest and eapresponse functions, which can be exploited by sending a long "EAP: unauthenticated peer...
ppp: Buffer overflow in the eap_request and eap_response functions in eap.c
A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system...
ppp: Buffer overflow in the eap_request and eap_response functions in eap.c
A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system...
ppp security update
2.4.5-11 - Fixed buffer overflow in the eaprequest and eapresponse functions Resolves: CVE-2020-8597...
AZL-45009 CVE-2020-8597 affecting package ppp for versions less than 2.4.7-36
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions...
CVE-2020-8597
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions...
Cisco Secure ACS EAP-Response报文解析拒绝服务漏洞
BUGTRAQ ID: 30997 CVE ID:CVE-2008-2441 CNCVE ID:CNCVE-20082441 Cisco Secure ACS是一款Cisco网络设备的中央管理平台,用于控制设备的认证和授权。 Cisco Secure ACS不正确解析EAP-Response报文长度,远程攻击者可以利用漏洞对服务程序进行拒绝服务攻击或可能导致任意代码执行。 远程攻击者作为RADIUS客户端可以针对Cisco Secure...
CVE-2008-2441
Cisco Secure ACS 3.x before 3.34 Build 12 patch 7, 4.0.x, 4.1.x before 4.14 Build 13 Patch 11, and 4.2.x before 4.20 Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users t...
CVE-2008-2441
Cisco Secure ACS 3.x before 3.34 Build 12 patch 7, 4.0.x, 4.1.x before 4.14 Build 13 Patch 11, and 4.2.x before 4.20 Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users t...