CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11574

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-11574

Point-To-Point Protocol Project » Point-To-Point Protocol » Version: N/A

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:-
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.1

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.1
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.2

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.2
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.3

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.3
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.4

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.4
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.5

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.5
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.6

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.6
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.7

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.7
Point-To-Point Protocol Project » Point-To-Point Protocol » Version: 2.4.8

cpe:2.3:a:point-to-point_protocol_project:point-to-point_protocol:2.4.8
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 16.04

cpe:2.3:o:canonical:ubuntu_linux:16.04
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11574

Products

Pricing

Contact Us