Poptop: >> Pptp Server Security Vulnerabilities
pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued.
CVSS Score
5.0
EPSS Score
0.035
Published
2007-05-11
Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.
CVSS Score
7.2
EPSS Score
0.001
Published
2003-12-31
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
CVSS Score
7.5
EPSS Score
0.747
Published
2003-05-12