Showing 1 - 6 of 6

CVE-2014-3158

Status Candidate

Overview

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."

Related Files

Slackware Security Advisory - ppp Updates: Posted Apr 22, 2015; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New ppp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2014-3158, CVE-2015-3310; SHA-256 | 7a48ee5a01b2016c74691deaae312c4964ac9f83da93f71edd58f4c7ac804936; Download | Favorite | View

Mandriva Linux Security Advisory 2015-135: Posted Mar 30, 2015; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2015-135 - A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to access privileged options.; tags | advisory; systems | linux, mandriva; advisories | CVE-2014-3158; SHA-256 | c250b0f1a61c3c700f05e83a6eab0505cb72c9ad4019f2ad669136baafe19f53; Download | Favorite | View

Gentoo Linux Security Advisory 201412-19: Posted Dec 15, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201412-19 - An integer overflow in PPP might allow local attackers to obtain sensitive information. Versions less than 2.4.7 are affected.; tags | advisory, overflow, local; systems | linux, gentoo; advisories | CVE-2014-3158; SHA-256 | 00f3972057ce9cbd8ec2d55752bb839c01a61afac4c677093d3e6e8338a5caae; Download | Favorite | View

Ubuntu Security Notice USN-2429-1: Posted Dec 1, 2014; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2429-1 - It was discovered that ppp incorrectly handled certain options files. A local attacker could possibly use this issue to escalate privileges.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2014-3158; SHA-256 | d05fe8636e08f6dfb0df567b509bcd006b04eeec63bc35aed3f09aaaa79b61a7; Download | Favorite | View

Debian Security Advisory 3079-1: Posted Dec 1, 2014; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3079-1 - A vulnerability was discovered in ppp, an implementation of the responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges.; tags | advisory, local, root; systems | linux, debian; advisories | CVE-2014-3158; SHA-256 | ed1ede6b9055ca30a5f27bd99cfb95991ce416c2151f3dfff1e7eba069f078d0; Download | Favorite | View

Mandriva Linux Security Advisory 2014-178: Posted Sep 8, 2014; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2014-178 - A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to access privileged options.; tags | advisory; systems | linux, mandriva; advisories | CVE-2014-3158; SHA-256 | a3a3e36971b73655a25cc167f503705376e2ea9b80654a9606fb89facd82aa6c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 290 files
Ubuntu 63 files
Debian 20 files
Gentoo 8 files
Apple 6 files
LiquidWorm 4 files
Google Security Research 4 files
Alter Prime 3 files
Spencer McIntyre 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2014-3158

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems