APP: Microsoft PPTP DoS
This signature detects attempts to exploit a known vulnerability against Microsoft Point to Point Tunneling Protocol (PPTP). All versions of Microsoft Windows with PPTP server or PPTP client enabled are vulnerable. Attackers can crash the target kernel or execute arbitrary code.
Extended Description
A buffer overflow vulnerability has been reported for Microsoft's PPTP (Point to Point Tunneling Protocol) implementation. The vulnerability reportedly exists in both the PPTP server and client applications. It is possible for a malicious attacker to craft a packet which causes memory to be corrupted with attacker-supplied data and send it to the PPTP process. This may result in the execution of attacker-supplied malicious code.
Affected Products
Microsoft windows_2000_server
References
BugTraq: 5807
CVE: CVE-2002-1214
URL: http://www.microsoft.com/technet/security/Bulletin/MS02-063.mspx
Short Name
APP:PPTP:MICROSOFT-PPTP
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2002-1214 DoS Microsoft PPTP bid:5807
Release Date
02/25/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/1723
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5