Ppp · Ppp · CVE-2015-3310
**Name of the Vulnerable Software and Affected Versions**
ppp versions 2.4.6 and earlier
**Description**
A buffer overflow issue exists in the `rc mksid` function, located in `plugins/radius/util.c`, which can be triggered when the PID for `pppd` exceeds 65535. This allows remote attackers to cause a denial of service by sending a start accounting message to the RADIUS server.
**Recommendations**
For versions 2.4.6 and earlier, consider restricting the PID for `pppd` to 65535 or less as a temporary workaround to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.