 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.11540 |
| Kategorie: | Gain a shell remotely |
| Titel: | PPTP overflow |
| Zusammenfassung: | The remote PPTP server has remote buffer overflow vulnerability. |
| Beschreibung: | Summary: The remote PPTP server has remote buffer overflow vulnerability. Vulnerability Insight: The problem occurs due to insufficient sanity checks when referencing user-supplied input used in various calculations. As a result, it may be possible for an attacker to trigger a condition where sensitive memory can be corrupted. Vulnerability Impact: Successful exploitation of this issue may allow an attacker to execute arbitrary code with the privileges of the affected server. Solution: The vendor has released updated releases of PPTP server which address this issue. Users are advised to upgrade as soon as possible. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
BugTraq ID: 7316 Common Vulnerability Exposure (CVE) ID: CVE-2003-0213 http://www.securityfocus.com/bid/7316 Bugtraq: 20030409 PoPToP PPTP server remotely exploitable buffer overflow (Google Search) http://www.securityfocus.com/archive/1/317995 Bugtraq: 20030418 Exploit for PoPToP PPTP server (Google Search) http://marc.info/?l=bugtraq&m=105068728421160&w=2 Bugtraq: 20030422 Re: Exploit for PoPToP PPTP server - Linux version (Google Search) http://www.securityfocus.com/archive/1/319428 Bugtraq: 20030428 GLSA: pptpd (200304-08) (Google Search) http://marc.info/?l=bugtraq&m=105154539727967&w=2 CERT/CC vulnerability note: VU#673993 http://www.kb.cert.org/vuls/id/673993 Debian Security Information: DSA-295 (Google Search) http://www.debian.org/security/2003/dsa-295 SuSE Security Announcement: SuSE-SA:2003:029 (Google Search) http://www.novell.com/linux/security/advisories/2003_029.html |
| Copyright | This script is Copyright (C) 2003 Xue Yong Zhi |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |