It's not clear why it has such a score (9.8).
There's a clarification further down: no verification is needed,
any anonymous user can send a payload.
> An additional logic flaw causes the eap_input() function to not check if EAP has been negotiated during the Line Control Protocol (LCP) phase. This allows an unauthenticated attacker to send an EAP packet even if ppp refused the authentication negotiation due to lack of support for EAP or due to mismatch of an agreed pre-shared passphrase in the LCP phase. The vulnerable pppd code in eap_input will still process the EAP packet and trigger the stack buffer overflow. This unverified data with an unknown size can be used to corrupt memory of the target system. The pppd often runs with high privileges (system or root) and works in conjunction with kernel drivers. This makes it possible for an attacker to potentially execute arbitrary code with system or root level privileges.
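
The two checks whose absence the quoted advisory describes, shown as an added example that is not pppd source and not part of the original thread: EAP input is refused unless the LCP phase agreed on EAP, and the peer-supplied name is length-checked before it is copied. The struct, enum and function names and the simplified payload layout (one length byte, value bytes, then the name) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a PPP link; none of these names come from pppd. */
enum auth_proto { AUTH_NONE, AUTH_PAP, AUTH_CHAP, AUTH_EAP };
enum verdict { PKT_ACCEPTED, PKT_DROP_NOT_NEGOTIATED, PKT_DROP_MALFORMED };

struct link_state {
    enum auth_proto negotiated;  /* what the LCP phase actually agreed on */
    char peer_name[32];          /* fixed-size destination for the peer name */
};

/* Assumed payload layout: [vallen][vallen bytes of value][peer name ...] */
enum verdict eap_input_checked(struct link_state *ls,
                               const uint8_t *pkt, size_t len)
{
    /* Gate 1: drop EAP packets when EAP was never negotiated in LCP. */
    if (ls->negotiated != AUTH_EAP)
        return PKT_DROP_NOT_NEGOTIATED;

    /* Gate 2: the declared value length must fit inside the packet. */
    if (len < 1)
        return PKT_DROP_MALFORMED;
    size_t vallen = pkt[0];
    if (vallen > len - 1)
        return PKT_DROP_MALFORMED;

    /* Gate 3: the remaining bytes (the name) must fit the buffer + NUL. */
    size_t namelen = len - 1 - vallen;
    if (namelen >= sizeof ls->peer_name)
        return PKT_DROP_MALFORMED;

    memcpy(ls->peer_name, pkt + 1 + vallen, namelen);
    ls->peer_name[namelen] = '\0';
    return PKT_ACCEPTED;
}

int main(void)
{
    /* Constructed sample packet: 2-byte value followed by the name "peer". */
    const uint8_t pkt[] = { 2, 0xaa, 0xbb, 'p', 'e', 'e', 'r' };
    struct link_state ls = { AUTH_CHAP, { 0 } };  /* LCP agreed on CHAP */

    printf("EAP not negotiated: verdict %d\n",
           eap_input_checked(&ls, pkt, sizeof pkt));
    ls.negotiated = AUTH_EAP;
    printf("EAP negotiated:     verdict %d\n",
           eap_input_checked(&ls, pkt, sizeof pkt));
    return 0;
}
```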