CVE-2001-0026

rp-pppoe - Denial of Service via Clamp MSS Option

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0026. PoCs published by dethy.

AI-analyzed exploit summary This Perl script exploits a denial-of-service vulnerability in Roaring Penguin Software's PPPoE client by sending malformed TCP packets with a zero-length option, causing an infinite loop and terminating the PPP connection. It uses the Net::RawIP module to craft and send the packets.

Description

rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dethy · perldoslinux

https://www.exploit-db.com/exploits/20494

View Code ZIP pw:eip

This Perl script exploits a denial-of-service vulnerability in Roaring Penguin Software's PPPoE client by sending malformed TCP packets with a zero-length option, causing an infinite loop and terminating the PPP connection. It uses the Net::RawIP module to craft and send the packets.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Roaring Penguin Software's PPPoE client (RedHat 7.0)

No auth needed

Prerequisites: Network access to the target · Perl with Net::RawIP module

MITRE ATT&CK