FreeBSD Local Security Checks : FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.57294

Kategorie: FreeBSD Local Security Checks

Titel: FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)

Zusammenfassung: The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc

Beschreibung: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc

Vulnerability Insight:
The ppp(4) driver implements the Point-to-Point Protocol for using serial
lines (e.g., modems) as network interfaces.

While processing Link Control Protocol (LCP) configuration options received
from the remote host, ppp(4) fails to correctly validate option lengths.
This may result in data being read or written beyond the allocated kernel
memory buffer.

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-4304
BugTraq ID: 19684
http://www.securityfocus.com/bid/19684
FreeBSD Security Advisory: FreeBSD-SA-06:08
http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc
http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch
NETBSD Security Advisory: NetBSD-SA2006-019
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc
OpenBSD Security Advisory: [3.8] 20060902 014: SECURITY FIX: September 2, 2006
http://www.openbsd.org/errata38.html#sppp
OpenBSD Security Advisory: [3.9] 20060902 009: SECURITY FIX: September 2, 2006
http://www.openbsd.org/errata.html#sppp
http://securitytracker.com/id?1016745
http://secunia.com/advisories/21587
http://secunia.com/advisories/21731
XForce ISS Database: sppp4-lcp-bo(28562)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28562

Copyright Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.57294
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc Vulnerability Insight: The ppp(4) driver implements the Point-to-Point Protocol for using serial lines (e.g., modems) as network interfaces. While processing Link Control Protocol (LCP) configuration options received from the remote host, ppp(4) fails to correctly validate option lengths. This may result in data being read or written beyond the allocated kernel memory buffer. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4304 BugTraq ID: 19684 http://www.securityfocus.com/bid/19684 FreeBSD Security Advisory: FreeBSD-SA-06:08 http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch NETBSD Security Advisory: NetBSD-SA2006-019 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc OpenBSD Security Advisory: [3.8] 20060902 014: SECURITY FIX: September 2, 2006 http://www.openbsd.org/errata38.html#sppp OpenBSD Security Advisory: [3.9] 20060902 009: SECURITY FIX: September 2, 2006 http://www.openbsd.org/errata.html#sppp http://securitytracker.com/id?1016745 http://secunia.com/advisories/21587 http://secunia.com/advisories/21731 XForce ISS Database: sppp4-lcp-bo(28562) https://exchange.xforce.ibmcloud.com/vulnerabilities/28562
Copyright	Copyright (C) 2008 E-Soft Inc.