Pierluigi Paganini
March 06, 2020
A 17-year-old critical remote code execution vulnerability affecting the PPP Daemon software exposes most Linux systems to hack.
The US-CERT issued a security advisory warning users of the RCE in the PPP daemon (pppd) software that is part of almost all Linux based operating systems.
The
The flaw, tracked as CVE-2020-8597, was discovered by the expert Ilja Van Sprundel from IOActive, it is a stack buffer overflow issue that is caused by a logical error in the Extensible Authentication Protocol (EAP) packet parser of the
The vulnerability can be exploited by remote attackers to execute arbitrary code on affected systems and take full control over them.
It could be exploited by sending an unsolicited malformed EAP packet to a vulnerable ppp client or a server.
The CVE-2020-8597 remote code execution issue received a CVSS Score 9.8, it affects PPP Daemon versions 2.4.2 through 2.4.8.
“This vulnerability is due to an error in validating the size of the input before copying the supplied data into memory. As the validation of the data size is incorrect, arbitrary data can be copied into memory and cause memory corruption possibly leading to execution of unwanted code.” reads the security advisory published by the expert.
“The vulnerability is in the logic of the
The expert pointed out that the
“It is incorrect to assume that
The vulnerability affects the most popular Linux distributions, below the associated advisories:
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(
[adrotate banner=”5″]
[adrotate banner=”13″]
