Vulnerabilities > Point TO Point Protocol Project > Point TO Point Protocol > 2.4.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-03 | CVE-2020-8597 | Classic Buffer Overflow vulnerability in multiple products eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. | 9.8 |
2018-06-14 | CVE-2018-11574 | Integer Overflow or Wraparound vulnerability in multiple products Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. | 9.8 |
2015-04-24 | CVE-2015-3310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. | 4.3 |