CVE-2008-1215

FreeBSD 6.3 and 7.0 - Stack-Based Buffer Overflow in ppp command_Expand_Interpret

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1215. PoCs published by sipherr.

AI-analyzed exploit summary The provided text is a vulnerability description for CVE-2008-1215, detailing a local denial-of-service (DoS) vulnerability in BSD PPP due to inadequate boundary checks. It mentions potential arbitrary code execution but lacks actual exploit code.

Description

Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.

Exploits (1)

exploitdb WRITEUP VERIFIED
by sipherr · textdosbsd
https://www.exploit-db.com/exploits/31333

The provided text is a vulnerability description for CVE-2008-1215, detailing a local denial-of-service (DoS) vulnerability in BSD PPP due to inadequate boundary checks. It mentions potential arbitrary code execution but lacks actual exploit code.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: BSD PPP (FreeBSD 6.3, unspecified NetBSD and OpenBSD versions)
No auth needed
Prerequisites: Local access to the target system
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29238
Various Sources vendor-advisory x_refsource_openbsd
http://www.openbsd.org/errata42.html#009_ppp
Exploit mailing-list x_refsource_vuln-dev
http://www.securityfocus.com/archive/82/488980/30/0/threaded
Various Sources vendor-advisory x_refsource_openbsd
http://www.openbsd.org/errata41.html#014_ppp
Exploit mailing-list x_refsource_vuln-dev
http://www.securityfocus.com/archive/82/489031/30/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28090
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41034
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29234
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29240

Scores

EPSS 0.0079
EPSS Percentile 51.8%

Details

CWE
CWE-264
Status published
Products (5)
freebsd/freebsd 6.3
freebsd/freebsd 7.0
netbsd/netbsd
openbsd/openbsd 4.1
openbsd/openbsd 4.2
Published Mar 09, 2008
Tracked Since Feb 18, 2026