A vulnerability was discovered in ppp, an implementation of the Point-to-Point Protocol: an integer overflow in the routine responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges. For the stable distribution (wheezy), this problem has been fixed in version 2.4.5-5.1+deb7u1. For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 2.4.6-3. We recommend that you upgrade your ppp packages.
A vulnerability was discovered in ppp, an implementation of the Point-to-Point Protocol: an integer overflow in the routine responsible for parsing user-supplied options potentially allows a local attacker to gain root privileges.
For the stable distribution (wheezy), this problem has been fixed in version 2.4.5-5.1+deb7u1.
For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 2.4.6-3.
We recommend that you upgrade your ppp packages.