Buffer overflow : OpenWRT < 18.06.8, 19.x < 19.07.2 ppp Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.148626

Categoría: Buffer overflow

Título: OpenWRT < 18.06.8, 19.x < 19.07.2 ppp Vulnerability

Resumen: OpenWRT is prone to a buffer overflow vulnerability in ppp.

Descripción: Summary:
OpenWRT is prone to a buffer overflow vulnerability in ppp.

Vulnerability Insight:
A remotely exploitable vulnerability was found in
Point-to-Point Protocol Daemon (pppd), which has a significant potential impact due to the
possibility of remote code execution prior to authentication.

Affected Software/OS:
OpenWRT version 18.06.7 and prior and version 19.x through
19.07.1.

Solution:
Update to version 18.06.8, 19.07.2 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-8597
CERT/CC vulnerability note: VU#782301
https://www.kb.cert.org/vuls/id/782301
Debian Security Information: DSA-4632 (Google Search)
https://www.debian.org/security/2020/dsa-4632
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/
http://seclists.org/fulldisclosure/2020/Mar/6
https://security.gentoo.org/glsa/202003-19
http://packetstormsecurity.com/files/156662/pppd-2.4.8-Buffer-Overflow.html
http://packetstormsecurity.com/files/156802/pppd-2.4.8-Buffer-Overflow.html
https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf
https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04
https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html
RedHat Security Advisories: RHSA-2020:0630
https://access.redhat.com/errata/RHSA-2020:0630
RedHat Security Advisories: RHSA-2020:0631
https://access.redhat.com/errata/RHSA-2020:0631
RedHat Security Advisories: RHSA-2020:0633
https://access.redhat.com/errata/RHSA-2020:0633
RedHat Security Advisories: RHSA-2020:0634
https://access.redhat.com/errata/RHSA-2020:0634
SuSE Security Announcement: openSUSE-SU-2020:0286 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00006.html
https://usn.ubuntu.com/4288-1/
https://usn.ubuntu.com/4288-2/

Copyright Copyright (C) 2022 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.148626
Categoría:	Buffer overflow
Título:	OpenWRT < 18.06.8, 19.x < 19.07.2 ppp Vulnerability
Resumen:	OpenWRT is prone to a buffer overflow vulnerability in ppp.
Descripción:	Summary: OpenWRT is prone to a buffer overflow vulnerability in ppp. Vulnerability Insight: A remotely exploitable vulnerability was found in Point-to-Point Protocol Daemon (pppd), which has a significant potential impact due to the possibility of remote code execution prior to authentication. Affected Software/OS: OpenWRT version 18.06.7 and prior and version 19.x through 19.07.1. Solution: Update to version 18.06.8, 19.07.2 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-8597 CERT/CC vulnerability note: VU#782301 https://www.kb.cert.org/vuls/id/782301 Debian Security Information: DSA-4632 (Google Search) https://www.debian.org/security/2020/dsa-4632 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/ http://seclists.org/fulldisclosure/2020/Mar/6 https://security.gentoo.org/glsa/202003-19 http://packetstormsecurity.com/files/156662/pppd-2.4.8-Buffer-Overflow.html http://packetstormsecurity.com/files/156802/pppd-2.4.8-Buffer-Overflow.html https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04 https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html RedHat Security Advisories: RHSA-2020:0630 https://access.redhat.com/errata/RHSA-2020:0630 RedHat Security Advisories: RHSA-2020:0631 https://access.redhat.com/errata/RHSA-2020:0631 RedHat Security Advisories: RHSA-2020:0633 https://access.redhat.com/errata/RHSA-2020:0633 RedHat Security Advisories: RHSA-2020:0634 https://access.redhat.com/errata/RHSA-2020:0634 SuSE Security Announcement: openSUSE-SU-2020:0286 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00006.html https://usn.ubuntu.com/4288-1/ https://usn.ubuntu.com/4288-2/
Copyright	Copyright (C) 2022 Greenbone Networks GmbH