CVE-2020-8597

This repository contains a functional PoC for CVE-2020-8597, a vulnerability in PPP over Ethernet (PPPoE) that allows a denial-of-service (DoS) attack via a malformed EAP-MD5 response packet. The PoC uses Scapy to craft and send a malicious PPPoE packet with an oversized payload, triggering a crash in the target PPPoE server.

This repository contains a functional PoC for CVE-2020-8597, a vulnerability in the PPP protocol implementation. The exploit simulates a PPPoE server and manipulates session establishment to trigger the vulnerability, likely leading to a denial-of-service (DoS) or remote code execution (RCE) condition.

This repository contains a detailed technical analysis of CVE-2020-8597, a stack buffer overflow vulnerability in the Point-to-Point Protocol Daemon (pppd) due to improper input validation in the EAP packet parser. The writeup includes root cause analysis, patch details, and exploitation techniques but does not include functional exploit code.

The repository provides a detailed technical analysis of CVE-2020-8597, a buffer overflow vulnerability in pppd's eap.c. It includes a crash backtrace, security mitigations (e.g., stack canaries), and a reference to the patch commit.