Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-3310

Published: 24/04/2015 Updated: 24/02/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Ubuntu Linux

Vulnerability Summary

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and previous versions, when the PID for pppd is greater than 65535, allows remote malicious users to cause a denial of service (crash) via a start accounting message to the RADIUS server.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 14.10

debian debian linux 7.0

point-to-point protocol project point-to-point protocol

Vendor Advisories

Debian CVElist Bug Report Logs: ppp: CVE-2015-3310: Buffer overflow in radius plugin
Debian Bug report logs - #782450 ppp: CVE-2015-3310: Buffer overflow in radius plugin Package: ppp; Maintainer for ppp is Chris Boot <bootc@debianorg>; Source for ppp is src:ppp (PTS, buildd, popcon) Reported by: Emanuele Rocca <ema@linuxit> Date: Sun, 12 Apr 2015 12:21:07 UTC Severity: important Tags: patch, secu ...
Ubuntu Security Notice: ppp vulnerability
ppp could be made to crash if it received specially crafted network traffic ...
Red Hat: CVE-2015-3310
Buffer overflow in the rc_mksid function in plugins/radius/utilc in Paul's PPP Package (ppp) 246 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server ...

References

CWE-119http://www.debian.org/security/2015/dsa-3228https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782450http://www.mandriva.com/security/advisories?name=MDVSA-2015:222http://www.ubuntu.com/usn/USN-2595-1http://advisories.mageia.org/MGASA-2015-0173.htmlhttp://www.securityfocus.com/bid/74163http://lists.opensuse.org/opensuse-updates/2015-11/msg00147.htmlhttps://security.gentoo.org/glsa/201701-50https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782450https://usn.ubuntu.com/2595-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-3310
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook