point-to-point protocol project

Top products

The 6 most recently published vulnerabilities affecting point-to-point protocol project.

• CVE-2020-8597eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.9.8Feb 3, 2020
• CVE-2018-11574Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation i...9.8Jun 14, 2018
• CVE-2015-3310Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a deni...4.3Apr 24, 2015
• CVE-2014-3158Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which trig...7.5Nov 15, 2014
• CVE-2004-2695SQL injection vulnerability in the Authorize.net callback code (subscriptions/authorize.php) in Jelsoft vBulletin 3.0 through 3.0.3 allows remote attackers to execute arbitrary SQL statements via t...7.5Oct 6, 2007
• CVE-2006-2194The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such a...7.2Jul 5, 2006