icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Cisco IOS PPTP Packet Remote DoS (Bug ID CSCdt46181)

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

Point-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an Internet Protocol (IP) network using a Point-to-Point Protocol (PPP). The protocol is described in RFC2637. PPTP implementation using Cisco IOS software releases contains a vulnerability that will crash a router if it receives a malformed or crafted PPTP packet. To expose this vulnerability, PPTP must be enabled on the router. PPTP is disabled by default. No additional special conditions are required. An attacker may use this issue to prevent a network from working properly. This vulnerability is documented as Cisco Bug ID CSCdt46181

Solution

http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html