CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Tenable Nessus•added 2014/12/15 12:0 a.m.•24 views

GLSA-201412-19 : PPP: Information disclosure

The remote host is affected by the vulnerability described in GLSA-201412-19 PPP: Information disclosure Integer overflow is discovered in the getword function in options.c in PPP Impact : A local attacker could execute process with extremely long options list, possibly obtaining sensitive...

7.5CVSS8.3AI score0.03502EPSS

Exploits0References2

Gentoo Linux•added 2014/12/13 12:0 a.m.•30 views

PPP: Information disclosure

Background PPP is a Unix implementation of the Point-to-Point Protocol Description Integer overflow is discovered in the getword function in options.c in PPP Impact A local attacker could execute process with extremely long options list, possibly obtaining sensitive information. Workaround There ...

7.5CVSS9.2AI score0.03502EPSS

Exploits0

Prion•added 2014/11/15 9:59 p.m.•17 views

Integer overflow

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

7.5CVSS7.1AI score0.03502EPSS

Exploits0References9Affected Software1

NVD•added 2014/11/15 9:59 p.m.•13 views

CVE-2014-3158

7.5CVSS9.4AI score0.03502EPSS

Exploits0References9

Cvelist•added 2014/11/15 9:0 p.m.•31 views

CVE-2014-3158

9.4AI score0.03502EPSS

Exploits0References9

CVE•added 2014/11/15 9:0 p.m.•97 views

CVE-2014-3158

An entry for CVE-2014-3158 concerns pppd (Paul's PPP Package, ppp) before 2.4.7. The root cause is an integer overflow in getword (options.c) that triggers a heap-based buffer overflow, potentially corrupting security-relevant variables. This allows attackers to access privileged options via a lo...

7.5CVSS9.1AI score0.03502EPSS

Exploits0References9Affected Software1