Attacker Value
Very Low

CVE-2020-8597

Disclosure Date: February 03, 2020
Last updated: March 10, 2020

Exploitability

(2 users assessed) Moderate
Attack Vector
Network
Privileges Required
None
User Interaction
None

Description

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

Technical Analysis

AFAIK, it is common to enable full mitigations on the binary, with ASLR enabled on the system. While this doesn’t mean much in and of itself, it could mean the vulnerability is difficult or “impossible” to exploit, depending on how the software is engineered or configured. A crash has already been proven.

Ratings
  • Attacker Value
    Very Low
  • Exploitability
    Medium
Technical Analysis

How do you get someone to authenticate with an untrusted PPPD peer these days? I just don’t think the vector for attack is easy for any attacker, and if you are in a position to sit there, like in a DSLAM, you have access to a lot of other evil possibilities.

Technical Analysis