This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Point-To-Point Protocol Project First view 2014-11-15
Product Point-To-Point Protocol Last view 2020-02-03
Version 2.4.6 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2020-02-03 CVE-2020-8597

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

4.3 2015-04-24 CVE-2015-3310

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.

7.5 2014-11-15 CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...

Nessus® Vulnerability Scanner

id Description
2017-02-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0474-1.nasl - Type: ACT_GATHER_INFO
2017-02-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0473-1.nasl - Type: ACT_GATHER_INFO
2017-01-23 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-50.nasl - Type: ACT_GATHER_INFO
2015-11-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-827.nasl - Type: ACT_GATHER_INFO
2015-05-06 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-2595-1.nasl - Type: ACT_GATHER_INFO
2015-05-05 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-222.nasl - Type: ACT_GATHER_INFO
2015-04-22 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2015-111-11.nasl - Type: ACT_GATHER_INFO
2015-04-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3228.nasl - Type: ACT_GATHER_INFO
2015-04-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-205.nasl - Type: ACT_GATHER_INFO
2015-03-30 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-135.nasl - Type: ACT_GATHER_INFO
2015-03-26 Name: The remote Debian host is missing a security update.
File: debian_DLA-74.nasl - Type: ACT_GATHER_INFO
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-19.nasl - Type: ACT_GATHER_INFO
2014-12-02 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-2429-1.nasl - Type: ACT_GATHER_INFO
2014-12-01 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3079.nasl - Type: ACT_GATHER_INFO
2014-09-17 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-545.nasl - Type: ACT_GATHER_INFO
2014-09-12 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2014-178.nasl - Type: ACT_GATHER_INFO
2014-09-04 Name: The remote SuSE 11 host is missing a security update.
File: suse_11_ppp-140826.nasl - Type: ACT_GATHER_INFO
2014-08-30 Name: The remote Fedora host is missing a security update.
File: fedora_2014-9401.nasl - Type: ACT_GATHER_INFO
2014-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2014-9412.nasl - Type: ACT_GATHER_INFO