CVE-2003-0213

Опубликовано: 12 мая 2003

Источник: nvd

CVSS2: 7.5

EPSS Высокий

Описание

ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.

Ссылки

http://marc.info/?l=bugtraq&m=105068728421160&w=2
http://marc.info/?l=bugtraq&m=105154539727967&w=2
http://sourceforge.net/project/shownotes.php?release_id=138437
http://www.debian.org/security/2003/dsa-295
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/673993
US Government Resource
http://www.novell.com/linux/security/advisories/2003_029.html
http://www.securityfocus.com/archive/1/317995
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/319428
http://www.securityfocus.com/bid/7316
Exploit
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=105068728421160&w=2
http://marc.info/?l=bugtraq&m=105154539727967&w=2
http://sourceforge.net/project/shownotes.php?release_id=138437
http://www.debian.org/security/2003/dsa-295
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/673993
US Government Resource
http://www.novell.com/linux/security/advisories/2003_029.html
http://www.securityfocus.com/archive/1/317995
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/319428
http://www.securityfocus.com/bid/7316
Exploit
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:poptop:pptp_server:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:poptop:pptp_server:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:poptop:pptp_server:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:poptop:pptp_server:1.1.3_2002-10-09:*:*:*:*:*:*:*

cpe:2.3:a:poptop:pptp_server:1.1.4b1:*:*:*:*:*:*:*

cpe:2.3:a:poptop:pptp_server:1.1.4b2:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.74735

Высокий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2003-0213

debian

около 22 лет назад

ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attac ...

GHSA-84m7-68fc-v7c9

github

около 3 лет назад