Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » PoPToP PPTP remote buffer overflow

PoPToP PPTP remote buffer overflow

by Mario Miri on April 14th, 2003 PopToP PPTP software is vulnerable to remote buffer overflow attack due to insufficient user-supplied data checking. If successfully exploited, this could be used to corrupt sensitive memory areas and arbitrary code execution in the security context of the affected server.


Vulnerable:
PoPToP PPTP Server 1.0.1
PoPToP PPTP Server 1.1.2
PoPToP PPTP Server 1.1.3 -20021009
PoPToP PPTP Server 1.1.3
PoPToP PPTP Server 1.1.4 -b2
PoPToP PPTP Server 1.1.4 -b1


Solution:
Patches are available from the following location:
http://sourceforge.net/project/showfiles.php?group_id=44827


Discovered by:
Timo Sirainen, [email protected]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »