GLSA-201701-50 : PPP: Buffer overflow
Medium Nessus Plugin ID 96685
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201701-50 (PPP: Buffer overflow)
A buffer overflow was discovered in the rc_mksid function in plugins/radius/util.c in PPP when the PID for pppd is greater than 65535.
A remote attacker could cause a Denial of Service condition.
There is no known workaround at this time.
SolutionAll PPP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-dialup/ppp-2.4.7-r3'