Vulnerabilites related to mpd_project - mpd
cve-2020-7465
Vulnerability from cvelistv5
Published
2020-10-06 13:40
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
References
| ▼ | URL | Tags |
|---|---|---|
| https://sourceforge.net/p/mpd/bugs/70/ | x_refsource_MISC | |
| https://sourceforge.net/p/mpd/svn/2377/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | MPD: FreeBSD PPP daemon |
Version: All versions prior to version 5.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:18.770Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/mpd/bugs/70/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/mpd/svn/2377/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MPD: FreeBSD PPP daemon",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 5.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-06T13:40:03",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/mpd/bugs/70/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/mpd/svn/2377/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secteam@freebsd.org",
"ID": "CVE-2020-7465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MPD: FreeBSD PPP daemon",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 5.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/mpd/bugs/70/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/mpd/bugs/70/"
},
{
"name": "https://sourceforge.net/p/mpd/svn/2377/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/mpd/svn/2377/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2020-7465",
"datePublished": "2020-10-06T13:40:03",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:18.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7466
Vulnerability from cvelistv5
Published
2020-10-06 13:43
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sourceforge.net/p/mpd/svn/2374/ | x_refsource_MISC | |
| https://sourceforge.net/p/mpd/bugs/69/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | MPD: FreeBSD PPP daemon |
Version: All versions prior to version 5.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:18.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/mpd/svn/2374/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/mpd/bugs/69/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MPD: FreeBSD PPP daemon",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 5.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-06T13:43:31",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/mpd/svn/2374/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/mpd/bugs/69/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secteam@freebsd.org",
"ID": "CVE-2020-7466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MPD: FreeBSD PPP daemon",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 5.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/mpd/svn/2374/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/mpd/svn/2374/"
},
{
"name": "https://sourceforge.net/p/mpd/bugs/69/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/mpd/bugs/69/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2020-7466",
"datePublished": "2020-10-06T13:43:31",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:18.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-10-06 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secteam@freebsd.org | https://sourceforge.net/p/mpd/bugs/69/ | Exploit, Third Party Advisory | |
| secteam@freebsd.org | https://sourceforge.net/p/mpd/svn/2374/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/mpd/bugs/69/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/mpd/svn/2374/ | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mpd_project | mpd | * | |
| stormshield | stormshield_network_security | * | |
| stormshield | stormshield_network_security | 4.4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mpd_project:mpd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B163FDA-5474-4EAB-8DA3-54F83A4E8319",
"versionEndExcluding": "5.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "697F15F6-AED1-4013-A06D-BDF26622B1D1",
"versionEndExcluding": "4.3.17",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDEAFC4-01D3-42B0-A9DC-DE19B63F182B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition."
},
{
"lang": "es",
"value": "La implementaci\u00f3n PPP de MPD versiones anteriores a 5.9, permite a un atacante remoto que puede enviar un mensaje de autenticaci\u00f3n PPP espec\u00edficamente dise\u00f1ado causar que el demonio lea m\u00e1s all\u00e1 del b\u00fafer de memoria asignado, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2020-7466",
"lastModified": "2024-11-21T05:37:12.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-06T14:15:13.243",
"references": [
{
"source": "secteam@freebsd.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/bugs/69/"
},
{
"source": "secteam@freebsd.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/svn/2374/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/bugs/69/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/svn/2374/"
}
],
"sourceIdentifier": "secteam@freebsd.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secteam@freebsd.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-06 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secteam@freebsd.org | https://sourceforge.net/p/mpd/bugs/70/ | Exploit, Issue Tracking, Third Party Advisory | |
| secteam@freebsd.org | https://sourceforge.net/p/mpd/svn/2377/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/mpd/bugs/70/ | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/mpd/svn/2377/ | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mpd_project | mpd | * | |
| stormshield | stormshield_network_security | * | |
| stormshield | stormshield_network_security | 4.4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mpd_project:mpd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B163FDA-5474-4EAB-8DA3-54F83A4E8319",
"versionEndExcluding": "5.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "697F15F6-AED1-4013-A06D-BDF26622B1D1",
"versionEndExcluding": "4.3.17",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDEAFC4-01D3-42B0-A9DC-DE19B63F182B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption)."
},
{
"lang": "es",
"value": "La implementaci\u00f3n L2TP de MPD versiones anteriores a 5.9, permite a un atacante remoto que puede enviar un paquete de control L2TP espec\u00edficamente dise\u00f1ado con AVP versi\u00f3n Q.931 Causar Code para ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria)"
}
],
"id": "CVE-2020-7465",
"lastModified": "2024-11-21T05:37:11.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-06T14:15:13.167",
"references": [
{
"source": "secteam@freebsd.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/bugs/70/"
},
{
"source": "secteam@freebsd.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/svn/2377/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/bugs/70/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/mpd/svn/2377/"
}
],
"sourceIdentifier": "secteam@freebsd.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secteam@freebsd.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}