Cisco IOS PPTP Packet Remote DoS (Bug ID CSCdt46181)
Medium Nessus Network Monitor Plugin ID 2206
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack.
DescriptionPoint-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an Internet Protocol (IP) network using a Point-to-Point Protocol (PPP). The protocol is described in RFC2637. PPTP implementation using Cisco IOS software releases contains a vulnerability that will crash a router if it receives a malformed or crafted PPTP packet. To expose this vulnerability, PPTP must be enabled on the router. PPTP is disabled by default. No additional special conditions are required. An attacker may use this issue to prevent a network from working properly. This vulnerability is documented as Cisco Bug ID CSCdt46181