5

CVE-2007-0244

pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PoptopPptp Server Version <= 1.3.3
   DebianDebian Linux Version4.0
   DebianDebian Linux Version4.0 Editionalpha
   DebianDebian Linux Version4.0 Editionamd64
   DebianDebian Linux Version4.0 Editionarm
   DebianDebian Linux Version4.0 Editionhppa
   DebianDebian Linux Version4.0 Editionia-32
   DebianDebian Linux Version4.0 Editionia-64
   DebianDebian Linux Version4.0 Editionm68k
   DebianDebian Linux Version4.0 Editionmips
   DebianDebian Linux Version4.0 Editionmipsel
   DebianDebian Linux Version4.0 Editionpowerpc
   DebianDebian Linux Version4.0 Editions390
   DebianDebian Linux Version4.0 Editionsparc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.31% 0.812
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/26987
http://www.novell.com/linux/security/advisories/2007_19_sr.html
http://secunia.com/advisories/25220
http://www.novell.com/linux/security/advisories/2007_10_sr.html
http://secunia.com/advisories/25255
http://www.trustix.org/errata/2007/0017/
http://security.gentoo.org/glsa/glsa-200705-18.xml
http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827
http://www.debian.org/security/2007/dsa-1288
Patch
Vendor Advisory
http://www.securityfocus.com/bid/23886
http://www.securitytracker.com/id?1018064
http://www.ubuntu.com/usn/usn-459-1
http://www.ubuntu.com/usn/usn-459-2
http://www.vupen.com/english/advisories/2007/1743