According to the US-CERT Coordination Center, PPPD (Point to Point Protocol Daemon) versions 2.4.2 to 2.4.8 are “vulnerable to buffer overflow due to a flaw in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response subroutines.”
Sending an unsolicited EAP packet
US-CERT defines PPP as the protocol used for establishing internet links over dial-up modems, DSL connections, and many other types of point-to-point links, including Virtual Private Networks (VPN) such as Point to Point Tunneling Protocol (PPTP). Additionally, PPPD can also authenticate a network-connected peer and/or supply authentication information to the peer using multiple authentication protocols, including EAP.
The center said that an error in validating the size of the input before copying the supplied data into memory causes this vulnerability. The flaw allows an unauthenticated, remote attacker to execute arbitrary code on the target system. The copied arbitrary data causes memory corruption, possibly leading to the execution of unwanted code.
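The size validation described above, shown as an added example that is not code from pppd or from the advisory: a simplified C parser for an EAP MD5-Challenge packet (field layout per RFC 3748) that checks every length before copying the Name field into a fixed buffer. The function name, the 256-byte buffer size and the sample packets are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EAP_HDR_LEN  5    /* code, identifier, 2-byte length, type (RFC 3748) */
#define EAP_TYPE_MD5 4    /* MD5-Challenge: Value-Size, Value, then Name */
#define NAME_CAP     256  /* assumed size of the fixed destination buffer */

/* Illustrative parser, not pppd's code. Copies the Name field into name_out
 * (NAME_CAP bytes). Returns the name length, or -1 to reject the packet. */
int eap_md5_copy_name(const uint8_t *pkt, size_t pktlen, char *name_out)
{
    if (pktlen < EAP_HDR_LEN + 1)
        return -1;                           /* no room for Value-Size */
    size_t eap_len = ((size_t)pkt[2] << 8) | pkt[3];
    if (eap_len < EAP_HDR_LEN + 1 || eap_len > pktlen)
        return -1;                           /* length field disagrees with data */
    if (pkt[4] != EAP_TYPE_MD5)
        return -1;

    size_t body = eap_len - EAP_HDR_LEN - 1; /* bytes after Value-Size */
    size_t vallen = pkt[5];
    if (vallen > body)
        return -1;                           /* Value runs past the packet end */

    /* The size check the copy depends on. Both operands are already
     * validated, so the subtraction cannot wrap; without this test a
     * peer-chosen length would drive memcpy past the end of name_out. */
    size_t namelen = body - vallen;
    if (namelen >= NAME_CAP)
        return -1;

    memcpy(name_out, pkt + EAP_HDR_LEN + 1 + vallen, namelen);
    name_out[namelen] = '\0';
    return (int)namelen;
}

int main(void)
{
    /* Constructed sample: Request, id 7, length 12, 2-byte value, name "peer" */
    const uint8_t ok[] = {1, 7, 0, 12, 4, 2, 0xAA, 0xBB, 'p', 'e', 'e', 'r'};
    /* Constructed sample: declares a 300-byte name for a 256-byte buffer */
    uint8_t big[306] = {1, 7, 0x01, 0x32, 4, 0};
    char name[NAME_CAP];
    printf("ok  -> %d\n", eap_md5_copy_name(ok, sizeof ok, name));
    printf("big -> %d\n", eap_md5_copy_name(big, sizeof big, name));
    return 0;
}
```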
Popular distros are affected
Ilja van Sprundel, an IOActive security researcher, found the flaw. Ubuntu, Debian, Fedora, SUSE Linux, and Red Hat Enterprise Linux are the most popular Linux-based operating systems affected by the flaw. Running up-to-date software with the latest available patches is the only solution for protecting against this vulnerability.