PPPD Remote Code Execution Vulnerability “Ghostcat”

Snippet of the vulnerability from the Qualys report. ID: CVE-2020-8597Title: pppd EAP Processing Buffer Overflow Vulnerability (“Ghostcat”)Vendor: Multi-VendorDescription: pppd (Point to Point Protocol Daemon) is vulnerable to buffer overflow due to a flaw in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response subroutines. The vulnerability is in the logic of the eap parsing code. By sending an unsolicited

Read more