Cisco IOS Malformed PPTP Packet Remote DoS (CSCdt46181)

This script is (C) 2002-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Point-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an
Internet Protocol (IP) network using a Point-to-Point Protocol (PPP).
The protocol is described in RFC2637.

PPTP implementation using Cisco IOS software releases contains a
vulnerability that will crash a router if it receives a malformed or
crafted PPTP packet. To expose this vulnerability, PPTP must be
enabled on the router. PPTP is disabled by default. No additional
special conditions are required.

An attacker may use this issue to prevent your network
from working properly.

This vulnerability is documented as Cisco Bug ID CSCdt46181.

Solution :

http://www.nessus.org/u?1583fe45

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 10979 (CSCdt46181.nasl)

Bugtraq ID: 3022

CVE ID: CVE-2001-1183

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial