1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • ppp vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, February 20, 2020 12:10:10
    ppp vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    ppp could be made to crash or run programs if it received
    specially crafted network traffic.

    Software Description

    * ppp - Point-to-Point Protocol (PPP)

    Details

    It was discovered that ppp incorrectly handled certain rhostname
    values. A remote attacker could use this issue to cause ppp to
    crash, resulting in a denial of service, or possibly execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    ppp - 2.4.7-2+4.1ubuntu4.1

    Ubuntu 18.04 LTS
    ppp - 2.4.7-2+2ubuntu1.2

    Ubuntu 16.04 LTS
    ppp - 2.4.7-1+2ubuntu1.16.04.2

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-8597

    --- Mystic BBS v1.12 A44 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, March 02, 2020 16:10:13
    ppp vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    ppp could be made to crash or run programs if it received
    specially crafted network traffic.

    Software Description

    * ppp - Point-to-Point Protocol (PPP)

    Details

    USN-4288-1 fixed a vulnerability in ppp. This update provides the
    corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    It was discovered that ppp incorrectly handled certain rhostname
    values. A remote attacker could use this issue to cause ppp to
    crash, resulting in a denial of service, or possibly execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    ppp - 2.4.5-5.1ubuntu2.3+esm1

    Ubuntu 12.04 ESM
    ppp - 2.4.5-5ubuntu1.3

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * USN-4288-1
    * CVE-2020-8597

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, August 04, 2020 16:10:06
    ppp vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    ppp could be made to load arbitrary kernel modules and possibly
    run programs.

    Software Description

    * ppp - Point-to-Point Protocol (PPP)

    Details

    Thomas Chauchefoin discovered that ppp incorrectly handled module
    loading. A local attacker could use this issue to load arbitrary
    kernel modules and possibly execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    ppp - 2.4.7-2+4.1ubuntu5.1

    Ubuntu 18.04 LTS
    ppp - 2.4.7-2+2ubuntu1.3

    Ubuntu 16.04 LTS
    ppp - 2.4.7-1+2ubuntu1.16.04.3

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-15704

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, August 06, 2020 12:10:06
    ppp vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    ppp could be made to load arbitrary kernel modules and possibly
    run programs.

    Software Description

    * ppp - Point-to-Point Protocol (PPP)

    Details

    USN-4451-1 fixed a vulnerability in ppp. This update provides the
    corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    Thomas Chauchefoin discovered that ppp incorrectly handled module
    loading. A local attacker could use this issue to load arbitrary
    kernel modules and possibly execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    ppp - 2.4.5-5.1ubuntu2.3+esm2

    Ubuntu 12.04 ESM
    ppp - 2.4.5-5ubuntu1.4

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * USN-4451-1
    * CVE-2020-15704

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)