Poptop : Security Vulnerabilities, CVEs,
pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued.
Max CVSS
5.0
EPSS Score
14.98%
Published
2007-05-11
Updated
2011-03-08
Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-12-31
Updated
2017-07-29
CVE-2003-0213
Public exploit
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
Max CVSS
7.5
EPSS Score
34.12%
Published
2003-05-12
Updated
2016-10-18
3 vulnerabilities found