CVE Vulnerabilities

CVE-2003-0213

Published: May 12, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.

Affected Software

Name Vendor Start Version End Version
Pptp_server Poptop 1.0.1 1.0.1
Pptp_server Poptop 1.1.2 1.1.2
Pptp_server Poptop 1.1.3 1.1.3
Pptp_server Poptop 1.1.3_2002-10-09 1.1.3_2002-10-09
Pptp_server Poptop 1.1.4b1 1.1.4b1
Pptp_server Poptop 1.1.4b2 1.1.4b2

References