Description
ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5584
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/1655
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1974
Various Sources vendor-advisory
x_refsource_freebsd
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:70.ppp-nat.asc
Scores
EPSS
0.0074
EPSS Percentile
73.2%
Details
Status
published
Products (5)
freebsd/freebsd
3.5
freebsd/freebsd
3.5.1
freebsd/freebsd
4.0
freebsd/freebsd
4.1
freebsd/freebsd
4.1.1 stable
Published
Jan 09, 2001
Tracked Since
Feb 18, 2026