PoPToP PPTP ctrlpacket.c Negative Read Remote Overflow

critical Nessus Plugin ID 11540

Synopsis

Arbitrary code may be run on the remote server.

Description

The remote PPTP server has a remote buffer overflow vulnerability. The problem occurs due to insufficient sanity checks on user-supplied input that is used in various calculations. As a result, it may be possible for an attacker to trigger a condition where sensitive memory can be corrupted. Successful exploitation of this issue may allow an attacker to execute arbitrary code with the privileges of the affected server.

Solution

The vendor has released updated versions of the PPTP server that address this issue. Users are advised to upgrade as soon as possible.

Plugin Details

Severity: Critical

ID: 11540

File Name: poptop_negative_read.nasl

Version: 1.24

Type: remote

Published: 4/16/2003

Updated: 3/6/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:poptop:pptp_server

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/9/2003

Exploitable With

Metasploit (Poptop Negative Read Overflow)

Reference Information

CVE: CVE-2003-0213

BID: 7316

SuSE: SUSE-SA:2003:029