Vulnerability Disclosure

xebd / accel-ppp

High performance PPTP/L2TP/PPPoE/IPoE server for Linux

GNU General Public License v2.0

296 stars 108 forks source link

Vulnerability Disclosure #162

Open spaceraccoon opened 2 years ago

spaceraccoon commented 2 years ago

Dear accel-ppp Development Team,

I have filed a vulnerability disclosure by email to contact@accel-ppp.org. Please let me know when it is patched and we can use this issue for tracking purposes.

Thanks!

DmitriyEshenko commented 2 years ago

Hi @spaceraccoon, could you please send info to dev@accel-ppp.org?

spaceraccoon commented 2 years ago

Hi @DmitriyEshenko , okay, I have sent it. Thanks!

svlobanov commented 2 years ago

@spaceraccoon fix proposal is here https://github.com/accel-ppp/accel-ppp/pull/35

spaceraccoon commented 2 years ago

Thanks @svlobanov , could you add one more credit:

Reported-by: Chloe Ong Reported-by: Eugene Lim spaceraccoon@users.noreply.github.com Reported-by: Kar Wei Loh

The patched code looks fine.

Thank you!

whitesquirrell commented 2 years ago

Hi @DmitriyEshenko @svlobanov, we will be assigning CVEs on our end for this issue to save you time. Thanks!