3 matches found
CVE-2003-0213
CVE-2003-0213 affects PoPToP PPTP server: a buffer overflow in ctrlpacket.c allows a remote attacker to cause denial of service (and potentially execute code) by sending a PPTP control packet with a length field of 0 or 1, which feeds a negative value into a read. Affected are PoPToP versions pri...
CVE-2007-0244
CVE-2007-0244 affects PoPToP PPTP Server (pptpd) prior to version 1.3.4. The vulnerability stems from how pptpd handles GRE traffic, specifically (1) out-of-order GRE sequence numbers and (2) a faulty pointer/dequeue path in processing certain GRE packets, which can cause a denial of service by t...
CVE-2003-1455
PoPToP VPN software is affected by a local-privilege-elevation vulnerability in the launch_bcrelay function (pptpctrl.c). The issue impacts PoPToP 1.1.4-b1 through 1.1.4-b3, enabling local users to execute arbitrary code due to multiple buffer overflows. Connected documents specify the vulnerable...