Windows NT 4.0 PPTP Vulnerable to Denial of Service Attack

Reported February 13, 2001, by Microsoft.

VERSIONS AFFECTED
  • Microsoft Windows NT 4.0 PPTP

DESCRIPTION

A Denial of Service (DoS) attack against Windows NT Server 4.0 installations running PPTP has been discovered. A flaw in the PPTP code lets a specific data packet cause a leak in the kernel memory. The server must receive a number of the special packets before there is a leak.

VENDOR RESPONSE

Microsoft has released a security bulletin, MS01-009.

CREDIT
Discovered by
Kirk Corey.

 
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish