Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 152846 - CAN-2004-1002 pppd Remote Denial of Service
Summary: CAN-2004-1002 pppd Remote Denial of Service
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: Package request
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL: http://www.securityfocus.com/advisori...
Whiteboard: LEGACY
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-11-09 08:41 UTC by John Dalbec
Modified: 2008-05-01 15:38 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description David Lawrence 2005-03-30 23:29:30 UTC
04.44.13 CVE: Not Available
Platform: Unix
Title: pppd Remote Denial of Service
Description: pppd is vulnerable to a remote denial of service
condition due to a failure of the application to properly handle
invalid input. pppd version 2.4.1 is knwown to be vulnerable.
Ref: http://www.securityfocus.com/advisories/7406



------- Additional Comments From fedora-legacy-bugzilla-2004@fumika.jp 2004-11-09 16:24:21 ----

CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1002

Red Hat Bugzilla:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137880
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137881

This bug has been closed as "NOTABUG" by Red Hat Bugzilla. 
But, fixed in updates in rpm ppp-2.4.2-5.2.FC2.

http://download.fedora.us/fedora/fedora/2/i386/SRPMS.updates/ppp-2.4.2-5.2.FC2.src.rpm



------- Additional Comments From bugzilla.fedora.us@beej.org 2004-12-10 09:50:04 ----

the reason it was NOTABUG for fc1 is that it looks like you can only DOS yourself:
===
Date: Tue, 2 Nov 2004 10:12:30 +1100
From: Paul Mackerras <paulus@samba.org>
To: Luke Macken <lewk@gentoo.org>
Cc: gentoo-announce@gentoo.org, bugtraq@securityfocus.com,
   full-disclosure@lists.netsys.com, security-alerts@linuxsecurity.com
Subject: Re: [ GLSA 200411-01 ] ppp: Remote denial of service vulnerability

Luke Macken writes:

> The pppd server improperly verifies header fields, making it vulnerable
> to denial of service attacks.
> 
> Impact
> ======
> 
> An attacker can cause the pppd server to access memory that it isn't
> allowed to, causing the server to crash. No code execution is possible
> with this vulnerability, because no data is getting copied.

Furthermore, only the connection to the attacker will be affected,
since a separate pppd process handles each ppp connection.  In other
words, an attacker can terminate their own connection, but they can
not affect any other connection, or prevent new connections from being
established.  Given that, I don't think that this is even a DoS
vulnerability.

Paul.
===



------- Additional Comments From pekkas@netcore.fi 2005-02-15 07:02:46 ----

Given the above and the fact that we already have a lot of pending updates on
our plate, I'm closing this as WONTFIX.



------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:29 -------

This bug previously known as bug 2262 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2262
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.




Note You need to log in before you can comment on or make changes to this bug.