Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers
2020-03-06 06:17

US-CERT today issued an advisory warning users of a dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon software, which comes installed on almost all Linux-based operating systems and also powers the firmware of many other networking devices.

Discovered by IOActive security researcher Ilja Van Sprundel, the critical issue is a stack buffer overflow that exists due to a logical error in the Extensible Authentication Protocol (EAP) packet parser of the pppd software. EAP is an extension that provides support for additional authentication methods in PPP connections.

The vulnerability, tracked as CVE-2020-8597 with CVSS Score 9.8, can be exploited by unauthenticated attackers to remotely execute arbitrary code on affected systems and take full control over them.

Since pppd often runs with high privileges and works in conjunction with kernel drivers, the flaw could allow attackers to execute malicious code with system or root-level privileges.

According to the researcher, Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8 - all versions released in the last 17 years - are vulnerable to this new remote code execution vulnerability.
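
To illustrate how a logical error in a length check can become the kind of stack overflow described above, here is an added example; it is not pppd's source and not part of the original article. It models a parser that copies a peer name into a fixed rhostname buffer; the packet layout, the 256-byte buffer size and all function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define RHOSTNAME_MAX 256 /* assumed size of the fixed stack buffer */

/* Assumed layout: body is `len` bytes; the first `vallen` bytes are a
 * value field, the remaining len - vallen bytes are the peer name. */

/* Flawed guard: compares the wrong quantities, so it almost never fires. */
static int flawed_guard_trims(size_t vallen, size_t len)
{
    return vallen >= len + RHOSTNAME_MAX;
}

/* Bytes an unpatched copy would write into rhostname (nothing is copied). */
static size_t flawed_copy_len(size_t vallen, size_t len)
{
    return flawed_guard_trims(vallen, len) ? RHOSTNAME_MAX - 1 : len - vallen;
}

/* Hardened parser: rejects inconsistent lengths, bounds the copy by the
 * real name length, always NUL-terminates. Returns bytes stored or -1. */
static int parse_peer_name(const unsigned char *body, size_t len,
                           size_t vallen, char rhostname[RHOSTNAME_MAX])
{
    size_t n;

    if (body == NULL || vallen > len)
        return -1;                 /* value field overruns the packet */
    n = len - vallen;
    if (n >= RHOSTNAME_MAX)
        n = RHOSTNAME_MAX - 1;     /* trim an overly long peer name */
    memcpy(rhostname, body + vallen, n);
    rhostname[n] = '\0';
    return (int)n;
}

int main(void)
{
    unsigned char pkt[1016];       /* constructed: 16-byte value + 1000-byte name */
    char rhostname[RHOSTNAME_MAX];

    memset(pkt, 'A', sizeof pkt);
    printf("flawed guard would copy %zu bytes into a %d-byte buffer\n",
           flawed_copy_len(16, sizeof pkt), RHOSTNAME_MAX);
    printf("hardened parser stored %d bytes\n",
           parse_peer_name(pkt, sizeof pkt, 16, rhostname));
    return 0;
}
```

The guard has to compare the length that will actually be copied with the destination size; a check on any other quantity leaves the copy unbounded even though a bounds check appears to be present.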


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/Kr-S8EKl2Lg/ppp-daemon-vulnerability.html

Related Vulnerability

Date: 2020-02-03
CVE: CVE-2020-8597
Vulnerability title: Classic Buffer Overflow vulnerability in multiple products
Description: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Attack vector: network
Attack complexity: low
Vendors: point-to-point-protocol-project, wago, debian, canonical
Weakness: CWE-120
Risk: critical (9.8)

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 393 2085 1386 667 4531