Denial of Service in Microsoft Windows XP and WIndows 2000 PPTP

Reported October 30, 2002, by Microsoft.

 

VERSIONS AFFECTED

  • Microsoft Windows XP

  •  Microsoft Windows 2000

 

DESCRIPTION

 

A Denial of Service (DoS) vulnerability exists in Windows XP and Windows 2000 PPTP. This DoS vulnerability is a result of an unchecked buffer in a section of code that processes the control data used to establish, maintain, and tear down PPTP connections. By delivering specially malformed PPTP control data to a vulnerable system, an attacker can corrupt kernel memory and cause the system to fail.

 

VENDOR RESPONSE

 

The vendor, Microsoft, has released Security Bulletin MS02-063 (Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks) to address this vulnerability and recommends that affected users apply the appropriate patch mentioned in the bulletin.

 

CREDIT
Discovered by Microsoft.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish