10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.066 Low
EPSS
Percentile
93.8%
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0
through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902
allows remote attackers to cause a denial of service (panic), obtain
sensitive information, and possibly execute arbitrary code via crafted Link
Control Protocol (LCP) packets with an option length that exceeds the
overall length, which triggers the overflow in (1) pppoe and (2) ippp.
NOTE: this issue was originally incorrectly reported for the ppp driver.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 7.04 | noarch | kfreebsd-5 | < 5.4-21 | UNKNOWN |
ubuntu | 7.10 | noarch | kfreebsd-5 | < 5.4-21 | UNKNOWN |
ubuntu | 8.04 | noarch | kfreebsd-5 | < 5.4-21 | UNKNOWN |
ubuntu | 8.10 | noarch | kfreebsd-5 | < 5.4-21 | UNKNOWN |