How to Buy
This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Point-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an
Internet Protocol (IP) network using a Point-to-Point Protocol (PPP).
The protocol is described in RFC2637.
PPTP implementation using Cisco IOS software releases contains a
vulnerability that will crash a router if it receives a malformed or
crafted PPTP packet. To expose this vulnerability, PPTP must be enabled
on the router. PPTP is disabled by default. No additional special
conditions are required.
This vulnerability is present in all Cisco IOS releases that support
PPTP. PPTP is supported in the following software releases:
No other Cisco product is vulnerable.
There is no workaround for this vulnerability.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Nessus Plugin ID: 48958 (cisco-sa-20010712-pptphttp.nasl)
Bugtraq ID: 3022
CVE ID: CVE-2001-1183
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.