PPP Daemon flaw opens Linux distros, networking devices to takeover attacks
2020-03-10 05:00

A vulnerability in the Point-to-Point Protocol Daemon software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on - and takeover of - a targeted system.

Pppd is a daemon that is used to manage PPP session establishment and session termination between two nodes on Unix-like operating systems.

CVE-2020-8597 is a buffer overflow vulnerability caused by a flaw in Extensible Authentication Protocol (EAP) packet processing in the eap_request and eap_response subroutines.

"PPP is the protocol used for establishing internet links over dial-up modems, DSL connections, and many other types of point-to-point links including Virtual Private Networks such as Point to Point Tunneling Protocol. The pppd software can also authenticate a network connected peer and/or supply authentication information to the peer using multiple authentication protocols including EAP," IOActive explained in a security advisory.

"Due to a flaw in the Extensible Authentication Protocol packet processing in the Point-to-Point Protocol Daemon, an unauthenticated remote attacker may be able to cause a stack buffer overflow, which may allow arbitrary code execution on the target system. This vulnerability is due to an error in validating the size of the input before copying the supplied data into memory. As the validation of the data size is incorrect, arbitrary data can be copied into memory and cause memory corruption possibly leading to execution of unwanted code."
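The size-validation error the advisory describes, as an added example: this is a simplified, constructed model of the bug class, not the pppd source and not code from the article. The function names, the 256-byte buffer size, and the packet layout (a value field of `vallen` bytes followed by the peer name) are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define NAME_BUF 256   /* assumed size of the fixed peer-name buffer */

/* Flawed validation (illustrative): it tests the wrong quantity, so it only
 * reports "too long" when vallen itself is huge. Returns 1 if the check
 * would truncate, 0 if it would let the full-length copy go ahead. */
int flawed_check_truncates(size_t vallen, size_t len)
{
    return vallen >= len + NAME_BUF;
}

/* Hardened copy: the name is the len - vallen bytes after the value field.
 * The length that is actually copied is checked against the destination,
 * truncated if needed, and the result is always NUL-terminated.
 * Returns bytes copied, or -1 on a malformed packet. */
long copy_peer_name(char *dst, size_t dstsize,
                    const unsigned char *inp, size_t len, size_t vallen)
{
    size_t namelen;

    if (dst == NULL || inp == NULL || dstsize == 0 || vallen > len)
        return -1;                      /* value field longer than payload */
    namelen = len - vallen;
    if (namelen >= dstsize)             /* compare what is actually copied */
        namelen = dstsize - 1;
    memcpy(dst, inp + vallen, namelen);
    dst[namelen] = '\0';
    return (long)namelen;
}

/* Constructed packet: a 16-byte value followed by a 300-byte name. */
long demo_oversized_name(void)
{
    unsigned char pkt[316];
    char name[NAME_BUF];

    memset(pkt, 'A', sizeof pkt);
    return copy_peer_name(name, sizeof name, pkt, sizeof pkt, 16);
}
```

For the constructed packet the flawed check does not fire even though the name is longer than the buffer, while the hardened routine truncates it to fit.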


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sLrr1E5cxog/

Related Vulnerability

Date: 2020-02-03
CVE: CVE-2020-8597
Vulnerability title: Classic Buffer Overflow vulnerability in multiple products
Description: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Attack vector: network
Attack complexity: low
Vendors: point-to-point-protocol-project, wago, debian, canonical
CWE: CWE-120
Risk: critical (9.8)

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2312 1489 67 3932