What Are You Looking For?

Sign Up

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3228-1                   security@debian.org
http://www.debian.org/security/                        Sebastien Delafond
April 16, 2015                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ppp
CVE ID         : CVE-2015-3310
Debian Bug     : 782450

Emanuele Rocca discovered that ppp, a daemon implementing the
Point-to-Point Protocol, was subject to a buffer overflow when
communicating with a RADIUS server. This would allow unauthenticated
users to cause a denial-of-service by crashing the daemon.

For the stable distribution (wheezy), this problem has been fixed in
version 2.4.5-5.1+deb7u2.

For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version 2.4.6-3.1.

We recommend that you upgrade your ppp packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Debian: DSA-3228-1: ppp security update

April 16, 2015
Emanuele Rocca discovered that ppp, a daemon implementing the Point-to-Point Protocol, was subject to a buffer overflow when communicating with a RADIUS server

Summary

For the stable distribution (wheezy), this problem has been fixed in
version 2.4.5-5.1+deb7u2.

For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version 2.4.6-3.1.

We recommend that you upgrade your ppp packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Severity
Emanuele Rocca discovered that ppp, a daemon implementing the
Point-to-Point Protocol, was subject to a buffer overflow when
communicating with a RADIUS server. This would allow unauthenticated
users to cause a denial-of-service by crashing the daemon.

Related News

Firewalld 1.3 Released With Easier Firewall Management For More Services

Jan 15, 2023

What Is the Difference between vsftpd and ProFTPd?

Mar 29, 2023

Linux Tries to Dump Windows' Notoriously Insecure RNDIS Protocol

Oct 5, 2023

What Is OpenSSL?

Feb 21, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo