Skip to main content

Point To Point Protocol

4 CVEs product

Monthly

CVE-2020-8597 CRITICAL PATCH Act Now

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Point To Point Protocol Pfc Firmware Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
19.6%
CVE-2018-11574 CRITICAL PATCH Act Now

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Information Disclosure Point To Point Protocol Ubuntu Linux
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2015-3310 MEDIUM This Month

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Debian Linux Point To Point Protocol
NVD
CVSS 2.0
4.3
EPSS
1.5%
CVE-2014-3158 HIGH This Week

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Point To Point Protocol
NVD GitHub
CVSS 2.0
7.5
EPSS
1.5%
EPSS 20% CVSS 9.8
CRITICAL PATCH Act Now

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Point To Point Protocol Pfc Firmware +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Information Disclosure Point To Point Protocol +1
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Point To Point Protocol
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy