First published: Thu Feb 20 2020(Updated: )
It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/ppp | <2.4.7-2+4.1ubuntu4.1 | 2.4.7-2+4.1ubuntu4.1 |
Ubuntu Ubuntu | =19.10 | |
All of | ||
ubuntu/ppp | <2.4.7-2+2ubuntu1.2 | 2.4.7-2+2ubuntu1.2 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/ppp | <2.4.7-1+2ubuntu1.16.04.2 | 2.4.7-1+2ubuntu1.16.04.2 |
Ubuntu Ubuntu | =16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this ppp vulnerability is USN-4288-1.
The ppp vulnerability could allow a remote attacker to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.
An attacker can exploit the ppp vulnerability by sending specially crafted rhostname values.
The versions of Ubuntu affected by the ppp vulnerability are 19.10, 18.04, and 16.04.
To fix the ppp vulnerability, apply the appropriate security update for your Ubuntu version.