|
Family: Windows : Microsoft Bulletins --> Category: infos
Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834) Vulnerability Scan
Vulnerability Scan Summary Checks for MS Hotfix Q329834, Unchecked Buffer in PPTP DOS
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to crash the remote system.
Description :
The remote version of Windows contains a flaw in his PPTP implementation.
If the remote host is configured to act as a PPTP server, a remote
attacker can send a specially crafted packet to corrupt the kernel
memory and crash the remote system.
Solution :
Microsoft has released a set of patches for Windows XP and 2000 :
http://www.microsoft.com/technet/security/bulletin/ms02-063.mspx
Threat Level:
Medium / CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:N/A:C/I:N/B:A)
Click HERE for more information and discussions on this network vulnerability scan.
|