Back to search
CVE-2008-1215
Published: Mar 9, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
29238
third-party-advisory
x_refsource_SECUNIA
[4.2] 20080307 009: SECURITY FIX: March 7, 2008
vendor-advisory
x_refsource_OPENBSD
20080229 *BSD user-ppp local root (when conditions permit)
mailing-list
x_refsource_VULN-DEV
[4.1] 20080307 014: SECURITY FIX: March 7, 2008
vendor-advisory
x_refsource_OPENBSD
20080301 Re: *BSD user-ppp local root (when conditions permit)
mailing-list
x_refsource_VULN-DEV
28090
vdb-entry
x_refsource_BID
userppp-commandexpandinterpret-bo(41034)
vdb-entry
x_refsource_XF
29234
third-party-advisory
x_refsource_SECUNIA
29240
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now