ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| poptop | pptp_server | 1.1.2 |
| poptop | pptp_server | 1.0.1 |
| poptop | pptp_server | 1.1.4b1 |
| poptop | pptp_server | 1.1.3 |
| poptop | pptp_server | 1.1.4b2 |
| poptop | pptp_server | 1.1.3_2002-10-09 |
Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| poptop | pptp_server | 1.1.4b1 |
| poptop | pptp_server | 1.1.4b3 |
| poptop | pptp_server | 1.1.4b2 |