PoPToP PPTP Negative read() Argument Remote Buffer Overflow Vulnerability

A buffer-overflow vulnerability has been discovered in PoPToP PPTP. The problem occurs because the software fails to do sufficient sanity checks when referencing user-supplied input used in various calculations. As a result, an attacker may be able to trigger a condition that would corrupt sensitive memory.

Successful exploits of this issue may allow attackers to execute arbitrary code with the privileges of the affected server.


 

Privacy Statement
Copyright 2010, SecurityFocus