First published: Mon Mar 02 2020(Updated: )
USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/ppp | <2.4.5-5.1ubuntu2.3+esm1 | 2.4.5-5.1ubuntu2.3+esm1 |
=14.04 | ||
All of | ||
ubuntu/ppp | <2.4.5-5ubuntu1.3 | 2.4.5-5ubuntu1.3 |
=12.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of USN-4288-2 is CVE-2020-8597.
The software affected by USN-4288-2 is ppp.
The vulnerability in ppp can be exploited by a remote attacker to cause ppp to crash.
Versions 12.04 and 14.04 of Ubuntu are affected by USN-4288-2.
To fix the vulnerability in ppp, update to version 2.4.5-5.1ubuntu2.3+esm1 on Ubuntu 12.04 ESM and 14.04 ESM.