Vulnerabilities > CVE-2001-0026 - Unspecified vulnerability in Roaring Penguin Pppoe

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
roaring-penguin
nessus
exploit available

Summary

rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.

Exploit-Db

descriptionRedHat Linux 7.0 Roaring Penguin PPPoE Denial of Service Vulnerability. CVE-2001-0026. Dos exploit for linux platform
idEDB-ID:20494
last seen2016-02-02
modified2000-12-11
published2000-12-11
reporterdethy
sourcehttps://www.exploit-db.com/download/20494/
titleRedHat Linux 7.0 - Roaring Penguin PPPoE Denial of Service Vulnerability

Nessus

NASL familyMandriva Local Security Checks
NASL idMANDRAKE_MDKSA-2000-084.NASL
descriptionrp-pppoe is a userspace PPPoE client mainly used with ADSL connections which require PPP. Versions prior to 2.5 have a security problem that, when exploited, causes the connection to be dropped. If rp-pppoe receives a crafted TCP segment with an option where the option-length field is zero (illegal), the program would enter an infinite loop and the connection would time-out and be dropped. This is only possible if the user uses the
last seen2020-06-01
modified2020-06-02
plugin id61870
published2012-09-06
reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/61870
titleMandrake Linux Security Advisory : rp-pppoe (MDKSA-2000:084)

Redhat

advisories
rhsa
idRHSA-2000:130