Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.6:*:*:*:*:*:*:*
There are 4 matching records.
Displaying matches 1 through 4.
Vuln ID Summary CVSS Severity
CVE-2020-8597

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

Published: February 03, 2020; 6:15:11 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2015-3310

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.

Published: April 24, 2015; 10:59:11 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."

Published: November 15, 2014; 4:59:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0824

BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.

Published: August 12, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 1.2 LOW