{"id":"USN-4288-2","summary":"ppp vulnerability","details":"USN-4288-1 fixed a vulnerability in ppp. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.\n\nOriginal advisory details:\n\n It was discovered that ppp incorrectly handled certain rhostname values. A\n remote attacker could use this issue to cause ppp to crash, resulting in a\n denial of service, or possibly execute arbitrary code.\n","modified":"2026-04-27T15:36:24.996706Z","published":"2020-03-02T17:58:09Z","related":["UBUNTU-CVE-2020-8597"],"upstream":["CVE-2020-8597","UBUNTU-CVE-2020-8597"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4288-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-8597"}],"affected":[{"package":{"name":"ppp","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/ppp@2.4.5-5.1ubuntu2.3+esm1?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.5-5.1ubuntu2.3+esm1"}]}],"versions":["2.4.5-5.1ubuntu2","2.4.5-5.1ubuntu2.1","2.4.5-5.1ubuntu2.2","2.4.5-5.1ubuntu2.3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_name":"ppp","binary_version":"2.4.5-5.1ubuntu2.3+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4288-2.json","cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2020-8597"}]}}}],"schema_version":"1.7.5"}