l2tpd < 0.68 Multiple Vulnerabilities

high Nessus Plugin ID 11388

Synopsis

The remote host is running a network tunneling application that is affected by multiple vulnerabilities.

Description

The remote host is running a version of l2tpd prior to 0.67.

This version is vulnerable to a buffer overflow that could allow an attacker to gain a root shell on this host.

In addition, this program does not initialize its random number generator. Therefore, an attacker may predict some key values and hijack L2TP sessions established to this host.

Solution

Upgrade to l2tpd 0.68 or later.

Plugin Details

Severity: High

ID: 11388

File Name: l2tpd_overflow.nasl

Version: 1.20

Type: remote

Family: Gain a shell remotely

Published: 3/14/2003

Updated: 7/12/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/9/2004

Reference Information

CVE: CVE-2002-0872, CVE-2002-0873

BID: 5451

DSA: 152

Detections

Analytics