MidnightBSD

Advisories for l2tpd

CVE-2002-0872 HIGH

l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
l2tpd l2tpd 0.64
l2tpd l2tpd 0.65
l2tpd l2tpd 0.62
l2tpd l2tpd 0.67
l2tpd l2tpd 0.66
l2tpd l2tpd 0.63
CVE-2002-0873 MEDIUM

Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
l2tpd l2tpd 0.64
l2tpd l2tpd 0.65
l2tpd l2tpd 0.62
l2tpd l2tpd 0.67
l2tpd l2tpd 0.66
l2tpd l2tpd 0.63
CVE-2004-0649 HIGH

Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
l2tpd l2tpd 0.64
l2tpd l2tpd 0.65
l2tpd l2tpd 0.69
l2tpd l2tpd 0.62
gentoo linux 1.4
l2tpd l2tpd 0.67
l2tpd l2tpd 0.66
l2tpd l2tpd 0.68
l2tpd l2tpd 0.63