Cisco IOS PPTP Packet Remote DoS (Bug ID CSCdt46181)

Medium Nessus Network Monitor Plugin ID 2206


The remote host is vulnerable to a Denial of Service (DoS) attack.


Point-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an Internet Protocol (IP) network using a Point-to-Point Protocol (PPP). The protocol is described in RFC2637. PPTP implementation using Cisco IOS software releases contains a vulnerability that will crash a router if it receives a malformed or crafted PPTP packet. To expose this vulnerability, PPTP must be enabled on the router. PPTP is disabled by default. No additional special conditions are required. An attacker may use this issue to prevent a network from working properly. This vulnerability is documented as Cisco Bug ID CSCdt46181


Plugin Details

Severity: Medium

ID: 2206

File Name: 2206.prm

Family: SNMP

Published: 2004/09/03

Modified: 2016/01/21

Nessus ID: 10979

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.6


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2001-1183

BID: 3022