CVE-2020-8597 log

Severity Medium
Remote Yes
Type Arbitrary code execution
A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system availability, are all at risk with this vulnerability.
Group Package Affected Fixed Severity Status Ticket
AVG-1101 ppp 2.4.7-6 2.4.7-7 Medium Fixed
Date Advisory Group Package Severity Type
07 Mar 2020 ASA-202003-3 AVG-1101 ppp Medium arbitrary code execution