Security News > 2020 > March > PPP Daemon flaw opens Linux distros, networking devices to takeover attacks

A vulnerability in the Point-to-Point Protocol Daemon software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on - and takeover of - a targeted system.

Pppd is a daemon that is used to manage PPP session establishment and session termination between two nodes on Unix-like operating systems.

CVE-2020-8597 is a buffer overflow vulnerability that arose due to a flaw in Extensible Authentication Protocol packet processing in eap request and eap response subroutines.

"PPP is the protocol used for establishing internet links over dial-up modems, DSL connections, and many other types of point-to-point links including Virtual Private Networks such as Point to Point Tunneling Protocol. The pppd software can also authenticate a network connected peer and/or supply authentication information to the peer using multiple authentication protocols including EAP," IOActive explained in a security advisory.

"Due to a flaw in the Extensible Authentication Protocol packet processing in the Point-to-Point Protocol Daemon, an unauthenticated remote attacker may be able to cause a stack buffer overflow, which may allow arbitrary code execution on the target system. This vulnerability is due to an error in validating the size of the input before copying the supplied data into memory. As the validation of the data size is incorrect, arbitrary data can be copied into memory and cause memory corruption possibly leading to execution of unwanted code."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sLrr1E5cxog/