17-Yr-Old RCE Flaw Can Hack Several Linux Systems


Several Linux-based operating systems are affected by a 17-year-old remote code execution (RCE) flaw in the Point-to-Point Protocol daemon (pppd) software. pppd not only comes pre-installed on most Linux systems but also powers the firmware of popular networking devices.

The point-to-point protocol daemon manages network connections between two nodes, most commonly when the PPPoE or PPPoA protocols are used over DSL broadband connections or VPNs.




The RCE flaw was discovered by Ilja Van Sprundel, an IOActive security researcher. The critical flaw may be a stack buffer overflow vulnerability that arises because of a logical error within the Extensible Authentication Protocol (EAP) packet parser of the daemon software.

According to an advisory issued by US-CERT, the vulnerability is tracked as CVE-2020-8597 and has a CVSS score of 9.8, indicating its severity.

A hacker can exploit the flaw and execute arbitrary code on an affected system remotely, thus taking complete control of the system. The flaw is often exploited by sending a malformed EAP packet to the target pppd client or server.

What makes the vulnerability highly severe is the fact that the point-to-point protocol daemon often has high privileges. Thus, if a hacker takes control of a server by exploiting the flaw, he could gain root-level privileges.



Affected Linux Operating Systems & Devices


According to Mr. Sprundel, the flaw is present in pppd versions 2.4.2 through 2.4.8, that is, all the versions released within the last 17 years. He has confirmed that the following Linux distributions are affected by the pppd flaw:

  • NetBSD
  • Ubuntu
  • Debian
  • Fedora
  • Red Hat Enterprise Linux
  • SUSE Linux

Additionally, the following devices also ship the affected versions of pppd and are susceptible to attack:

  • TP-LINK products
  • Synology products
  • Cisco Call Manager
  • OpenWRT Embedded OS

We advise our readers to update their systems as soon as possible, because the patch is available, to avoid a possible attack.
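A quick triage check against the version range given above (2.4.2 through 2.4.8), as an added example that is not part of the original article. The function names and sample strings are constructed for illustration; a match means the package needs checking against the vendor advisory, since distributions can ship the fix without changing the upstream version number.

```shell
#!/bin/sh
# Added example: classify a pppd version string against the range the
# article gives as affected (2.4.2 through 2.4.8). Names are hypothetical.

# Pull the first dotted x.y.z version out of arbitrary text, such as the
# banner printed by `pppd --version` or a distribution package version.
extract_pppd_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Convert x.y.z into one comparable integer: x*1000000 + y*1000 + z.
version_key() {
    old_ifs=$IFS
    IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( $1 * 1000000 + $2 * 1000 + $3 ))
}

# Print in-affected-range, outside-affected-range, or unknown.
pppd_version_status() {
    ver=$(extract_pppd_version "$1")
    if [ -z "$ver" ]; then
        echo unknown
        return 0
    fi
    key=$(version_key "$ver")
    if [ "$key" -ge 2004002 ] && [ "$key" -le 2004008 ]; then
        echo in-affected-range
    else
        echo outside-affected-range
    fi
}

# Constructed sample inputs (not taken from any real host).
for sample in 'pppd version 2.4.7' '2.4.7-2+4.1+deb10u1' 'pppd version 2.4.9'; do
    echo "$sample -> $(pppd_version_status "$sample")"
done

# If pppd is installed locally, classify its own version banner as well.
if command -v pppd >/dev/null 2>&1; then
    banner=$(pppd --version 2>&1 || true)
    echo "local pppd -> $(pppd_version_status "$banner")"
fi
```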





About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).

