Point-to-Point Protocol Project Point-to-Point Protocol 2.4.5

CPE Details

Point-to-Point Protocol Project Point-to-Point Protocol 2.4.5
point-to-point_protocol_project
point-to-point_protocol
2.4.5
2020-02-06
16h59 +00:00
2020-02-06
16h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.5:*:*:*:*:*:*:*

Informations

Vendor

point-to-point_protocol_project

Product

point-to-point_protocol

Version

2.4.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-8597 2020-02-03 21h58 +00:00 eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
9.8
Critical
CVE-2018-11574 2018-06-14 18h00 +00:00 Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.
9.8
Critical
CVE-2015-3310 2015-04-24 12h00 +00:00 Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.
4.3
CVE-2014-3158 2014-11-15 20h00 +00:00 Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."
7.5