CVE-2006-2194 — PPP vulnerability

6 documents6 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 82.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba PPP Debian PPP Point-to-point Protocol Project Point-to-point Protocol

Timeline

PublishedJul 5

Latest updateMay 1

Description

The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/ppp< ppp 2.4.4rel-1 (bookworm)

▶Debiansamba/ppp< 2.4.4rel-1+3

▶NVDpoint-to-point_protocol_project/point-to-point_protocol2.4.4

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-wh53-gc5h-qjj9: The winbind plugin in pppd for ppp 2↗2022-05-01

▶

OSV

CVE-2006-2194: The winbind plugin in pppd for ppp 2↗2006-07-05

▶

📋Vendor Advisories

Ubuntu

ppp vulnerability↗2006-07-06

▶

Debian

CVE-2006-2194: ppp - The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return c...↗2006

▶

Red Hat

CVE-2006-2194: The winbind plugin in pppd for ppp 2↗

▶