This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.
The remote host is running a network tunneling application that is
affected by multiple vulnerabilities.
The remote host is running a version of l2tpd prior to 0.67.
This version is vulnerable to a buffer overflow that could allow an
attacker to gain a root shell on this host.
In addition, this program does not initialize its random number
generator. Therefore, an attacker may predict some key values and
hijack L2TP sessions established to this host.
Upgrade to l2tpd 0.68 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Family: Gain a shell remotely
Nessus Plugin ID: 11388 (l2tpd_overflow.nasl)
Bugtraq ID: 5451
CVE ID: CVE-2002-0872CVE-2002-0873
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.