VULHUB ™

A vulnerability has been discovered in Poptop pptpd-1.1.4 b3 and earlier. The problem occurs due to insufficient bounds checking before calling the fscanf() function. As a result, it may be possible for a malicious attacker to supply excessive data to the program which may trigger memory corruption. This data will be read from a file being accessed by Poptop. As a result, an attacker must have sufficient privileges to construct a file which will be read by Poptop. Successful exploitation of this issue may allow an attacker to execution arbitrary commands with the privileges of Poptop, typically root.

A vulnerability has been discovered in Poptop pptpd-1.1.4 b3 and earlier. The problem occurs due to insufficient bounds checking before calling the fscanf() function. As a result, it may be possible for a malicious attacker to supply excessive data to the program which may trigger memory corruption. This data will be read from a file being accessed by Poptop. As a result, an attacker must have sufficient privileges to construct a file which will be read by Poptop. Successful exploitation of this issue may allow an attacker to execution arbitrary commands with the privileges of Poptop, typically root.