Download
| Alert*
oval:org.secpod.oval:def:601845
A vulnerability was discovered in ppp, an implementation of the Point-to-Point Protocol: an integer overflow in the routine responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges. oval:org.secpod.oval:def:21808 The host is installed with PPP package before 2.4.7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long word in an options file. Successful exploitation allows attackers to "access privileged options". |