Bug 137881
| Summary: | CAN-2004-1002 Integer underflow in ppp | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Josh Bressers <bressers> |
| Component: | ppp | Assignee: | Thomas Woerner <twoerner> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 2 | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2004-11-03 10:01:45 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Fixed in updates in rpm ppp-2.4.2-5.2.FC2. This issue is only a DoS on the connection the attacker is using. |
Improper verification of header fields lets an attacker make the pppd server access memory it isn't allowed to, and crash the server. There is no possibility of code execution, as there is no data being copied, just a pointer dereferenced. More information here. http://www.securityfocus.com/archive/1/379450/2004-10-23/2004-10-29/0 This should also affect FC3