3 results (0.010 seconds)

CVSS: 5.0EPSS: 17%CPEs: 14EXPL: 0

pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued. El pptpgre.c en el PoPToP Point to Point Tunneling Server (pptpd)anterior al 1.3.4 permite a atacantes remotos provocar una denegación de servicio (derribo -tear-down- de la conexión PPTP) mediante (1) paquetes GRE con secuencias de números fuera de rango o (2)ciertos paquetes GRE que son procesados utilizando un puntero erróneo y quitado de la cola incorrectamente. • http://secunia.com/advisories/25220 http://secunia.com/advisories/25255 http://secunia.com/advisories/26987 http://security.gentoo.org/glsa/glsa-200705-18.xml http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827 http://www.debian.org/security/2007/dsa-1288 http://www.novell.com/linux/security/advisories/2007_10_sr.html http://www.novell.com/linux/security/advisories/2007_19_sr.html http://www.securityfocus.com/bid/23886 http://www.securitytracker.c •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code. • http://sourceforge.net/project/shownotes.php?release_id=138437 http://www.securityfocus.com/bid/7582 http://www.securityfocus.com/bid/7590 https://exchange.xforce.ibmcloud.com/vulnerabilities/12101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 41%CPEs: 6EXPL: 6

ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow. ctlpacket.c en el servidor PoPToP PPTP anteriores a 1.1.4-b3 permite a atacantes remotos causar una denegación de servicio mediante una longitud de campo de 0 o 1, lo que causa que sea pasado un valor negativo en una operación de lectura, conduciendo a un desbordamiento de búfer. • https://www.exploit-db.com/exploits/9952 https://www.exploit-db.com/exploits/22479 https://www.exploit-db.com/exploits/19 https://www.exploit-db.com/exploits/16845 https://www.exploit-db.com/exploits/16 http://marc.info/?l=bugtraq&m=105068728421160&w=2 http://marc.info/?l=bugtraq&m=105154539727967&w=2 http://sourceforge.net/project/shownotes.php?release_id=138437 http://www.debian.org/security/2003/dsa-295 http://www.kb.cert.org/vuls/id/673993 http:&#x •