FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc) Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:18.ppp.asc

Insight

The ppp(4) driver implements the Point-to-Point Protocol for using serial lines (e.g., modems) as network interfaces. While processing Link Control Protocol (LCP) configuration options received from the remote host, ppp(4) fails to correctly validate option lengths. This may result in data being read or written beyond the allocated kernel memory buffer.

Severity

Classification

CVE CVE-2006-4304
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FreeBSD Ports: cdrdao
FreeBSD Ports: clamav
FreeBSD Ports: caml-light
FreeBSD Ports: apache+mod_ssl
FreeBSD Ports: amaya

Take action and discover your vulnerabilities