FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

MPD5 PPPoE Server remotely exploitable crash

Affected packages
5.0 <= mpd5
mpd5 < 5.9_2

Details

VuXML ID f55921aa-10c9-11ec-8647-00e0670f2660
Discovery 2021-09-04
Entry 2021-09-09

Version 5.9_2 contains security fix for PPPoE servers. Insufficient validation of incoming PPPoE Discovery request specially crafted by unauthenticated user might lead to unexpected termination of the process. The problem affects mpd versions since 5.0. Installations not using PPPoE server configuration were not affected.

References

URL http://mpd.sourceforge.net/doc5/mpd4.html#4