L2tpd: Security Vulnerabilities
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.055
Published
2004-08-06
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.
CVSS Score
7.5
EPSS Score
0.007
Published
2002-09-05
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.
CVSS Score
5.0
EPSS Score
0.005
Published
2002-09-05