Vulnerability Note VU#673993

PopTop PPTP Server contains buffer overflow in "ctrlpacket.c"

Original Release date: 29 Apr 2003 | Last revised: 01 May 2003


There is a remotely exploitable buffer overflow in PopTop. An exploit for this vulnerability exists and is publicly available.


From the PopTop web site:

    PopToP is the PPTP server solution for Linux (ports exist for Solaris 2.6, OpenBSD and FreeBSD and others).

A buffer overflow exists in ctrlpacket.c, which is used to control message packet reading, formatting, and writing. For further technical details, please see the original report.


A remote attacker may be able to crash the PPTP server or execute arbitrary code with the privileges of the PopTop server.


Upgrade to the latest version of PopTop.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
DebianAffected29 Apr 200301 May 2003
Gentoo LinuxAffected-29 Apr 2003
PopTopAffected-29 Apr 2003
Red Hat Inc.Not Affected29 Apr 200330 Apr 2003
ConectivaUnknown29 Apr 200329 Apr 2003
EngardeUnknown29 Apr 200329 Apr 2003
Hewlett-Packard CompanyUnknown29 Apr 200329 Apr 2003
Ingrian NetworksUnknown29 Apr 200329 Apr 2003
MandrakeSoftUnknown29 Apr 200329 Apr 2003
MontaVista SoftwareUnknown29 Apr 200329 Apr 2003
Openwall GNU/*/LinuxUnknown29 Apr 200329 Apr 2003
SCOUnknown29 Apr 200329 Apr 2003
SequentUnknown29 Apr 200329 Apr 2003
Sun Microsystems Inc.Unknown29 Apr 200329 Apr 2003
SuSE Inc.Unknown29 Apr 200329 Apr 2003
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



This vulnerability was discovered by Timo Sirainen.

This document was written by Ian A Finlay.

Other Information

  • CVE IDs: CAN-2003-0213
  • Date Public: 09 Apr 2003
  • Date First Published: 29 Apr 2003
  • Date Last Updated: 01 May 2003
  • Severity Metric: 27.75
  • Document Revision: 9


If you have feedback, comments, or additional information about this vulnerability, please send us email.