Family: Gain root remotely --> Category: infos
l2tpd < 0.68 overflow Vulnerability Scan
Vulnerability Scan Summary
Acertains the version of the remote l2tpd
Detailed Explanation for this Vulnerability Test
The remote host is running a version of l2tpd which is older or
equal to 0.67.
This version is vulnerable to a buffer overflow
which may allow a possible hacker to gain a root shell on this host.
In addition, this program does not initialize its random number generator.
Therefore, a possible hacker may predict some key values and hijack L2TP sessions
established to this host.
Solution : upgrade to l2tpd 0.68 or newer
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.