Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Bill Talcott on October 31, 2002, 05:21:47 PM

Title: Win2k/XP PPTP vulnerability
Post by: Bill Talcott on October 31, 2002, 05:21:47 PM: Since a lot of people here are using PPTP VPNs, I thought I'd pass this on.

http://www.microsoft.com/technet/security/bulletin/MS02-063.asp

It's an unchecked buffer denial of service exploit. To attack a client, they'd need to do it during an active PPTP session, and it is very difficult to make it do anything other than crash (i.e. run code). Probably not a big concern, but you should patch it up...

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy | Terms and Policies