ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2020.064.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2020-064-01)
Resumen:	The remote host is missing an update for the 'ppp' package(s) announced via the SSA:2020-064-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ppp' package(s) announced via the SSA:2020-064-01 advisory. Vulnerability Insight: New ppp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ppp-2.4.8-i586-1_slack14.2.txz: Upgraded. This update fixes a security issue: By sending an unsolicited EAP packet to a vulnerable ppp client or server, an unauthenticated remote attacker could cause memory corruption in the pppd process, which may allow for arbitrary code execution. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'ppp' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-8597 CERT/CC vulnerability note: VU#782301 https://www.kb.cert.org/vuls/id/782301 Debian Security Information: DSA-4632 (Google Search) https://www.debian.org/security/2020/dsa-4632 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/ http://seclists.org/fulldisclosure/2020/Mar/6 https://security.gentoo.org/glsa/202003-19 http://packetstormsecurity.com/files/156662/pppd-2.4.8-Buffer-Overflow.html http://packetstormsecurity.com/files/156802/pppd-2.4.8-Buffer-Overflow.html https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04 https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html RedHat Security Advisories: RHSA-2020:0630 https://access.redhat.com/errata/RHSA-2020:0630 RedHat Security Advisories: RHSA-2020:0631 https://access.redhat.com/errata/RHSA-2020:0631 RedHat Security Advisories: RHSA-2020:0633 https://access.redhat.com/errata/RHSA-2020:0633 RedHat Security Advisories: RHSA-2020:0634 https://access.redhat.com/errata/RHSA-2020:0634 SuSE Security Announcement: openSUSE-SU-2020:0286 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00006.html https://usn.ubuntu.com/4288-1/ https://usn.ubuntu.com/4288-2/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.