MidnightBSD

Advisories for poptop

CVE-2003-0213 HIGH

ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
poptop pptp_server 1.1.2
poptop pptp_server 1.0.1
poptop pptp_server 1.1.4b1
poptop pptp_server 1.1.3
poptop pptp_server 1.1.4b2
poptop pptp_server 1.1.3_2002-10-09
CVE-2003-1455 HIGH

Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
poptop pptp_server 1.1.4b1
poptop pptp_server 1.1.4b3
poptop pptp_server 1.1.4b2