5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
It was discovered that the PoPToP Point to Point Tunneling Server
contains a programming error, which allows the tear-down of a PPTP
connection through a malformed GRE packet, resulting in denial of
service.
The oldstable distribution (sarge) is not affected by this problem.
For the stable distribution (etch) this problem has been fixed in
version 1.3.0-2etch1.
For the unstable distribution (sid) this problem has been fixed in
version 1.3.4-1.
We recommend that you upgrade your pptpd packages.
CPE | Name | Operator | Version |
---|---|---|---|
pptpd | eq | 1.3.0-2 | |
pptpd | eq | 1.3.0-2etch1 |