xebd/accel-ppp

xebd/accel-ppp

Releases2

Frequency3 years 8 months

Last Release almost 7 years ago

Stars309

High performance PPTP/L2TP/PPPoE/IPoE server for Linux

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-42870 ↗	May 16, 2022Monday, 16 May 2022, 14:15	7.5 HIGH	5 MEDIUM
ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.
CVE-2022-0982 ↗	Mar 16, 2022Wednesday, 16 March 2022, 15:15	9.8 CRITICAL	7.5 HIGH
The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.
CVE-2021-42054 ↗	Oct 7, 2021Thursday, 7 October 2021, 06:15	7.5 HIGH	5 MEDIUM
ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication.