Latest News Latest News

New Zoom Hack Lets Hackers Compromise Windows and Its Login Password

Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic overnight made it one of the most favorite communication tool for millions of people around the globe.

Read More...

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers.

Read More...

New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts

A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.

Read More...

Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed

Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMBv3) network communication protocol.

Read More...

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history.

Read More...

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers

The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices.

Read More...

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.

Read More...

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Cyber security researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets.

Read More...

New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems.

Read More...

Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims

Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks.

Read More...

Most Viewed News Most Viewed News

Back

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers

The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices.

The affected pppd software is an implementation of Point-to-Point Protocol (PPP) that enables communication and data transfer between nodes, primarily used to establish internet links such as those over dial-up modems, DSL broadband connections, and Virtual Private Networks.

Discovered by IOActive security researcher Ilja Van Sprundel, the critical issue is a stack buffer overflow vulnerability that exists due to a logical error in the Extensible Authentication Protocol (EAP) packet parser of the pppd software.

The vulnerability, tracked as CVE-2020-8597 with CVSS Score 9.8, can be exploited by unauthenticated attackers to remotely execute arbitrary code on affected systems and take full control over them.

For this, all an attacker needs to do is to send an unsolicited malformed EAP packet to a vulnerable ppp client or a server.
Additionally, since pppd often runs with high privileges and works in conjunction with kernel drivers, the flaw could allow attackers to potentially execute malicious code with the system or root-level privileges.

"This vulnerability is due to an error in validating the size of the input before copying the supplied data into memory. As the validation of the data size is incorrect, arbitrary data can be copied into memory and cause memory corruption, possibly leading to the execution of unwanted code," the advisory says.

"The vulnerability is in the logic of the eap parsing code, specifically in the eap_request() and eap_response() functions in eap.c that are called by a network input handler."

"It is incorrect to assume that pppd is not vulnerable if EAP is not enabled or EAP has not been negotiated by a remote peer using a secret or passphrase. This is due to the fact that an authenticated attacker may still be able to send unsolicited EAP packet to trigger the buffer overflow."

pppd Bug: Affected Operating Systems and Devices

According to the researcher, Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8 — all versions released in the last 17 years — are vulnerable to this new remote code execution vulnerability.

Some of the widely-used, popular Linux distributions, listed below, have already been confirmed impacted, and many other projects are most likely affected as well.

Debian
Ubuntu
SUSE Linux
Fedora
NetBSD
Red Hat Enterprise Linux

Besides this, the list of other vulnerable applications and devices (some of them listed below) that ship the pppd software is also likely extensive, opening a large attack surface for hackers.

Cisco CallManager
TP-LINK products
OpenWRT Embedded OS
Synology (DiskStation Manager, VisualStation, Router Manager)

Users with affected operating systems and devices are advised to apply security patches as soon as possible, or when it becomes available.


Contact Us Contact Us

Free Call[OH]: 933

Phone Number: +251-900-89-64-48,

                            +251-944-33-68-02

E-mail: ethiocert@insa.gov.et

P.O.Box: 124498

Download PGP Keys


Report an Incident

Values Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving