CISCO : CSCdt46181

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.10979

Category: CISCO

Title: CSCdt46181

Summary: NOSUMMARY

Description: Description:

Point-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an
Internet Protocol (IP) network using a Point-to-Point Protocol (PPP).
The protocol is described in RFC2637.

PPTP implementation using Cisco IOS® software releases contains a
vulnerability that will crash a router if it receives a malformed or
crafted PPTP packet. To expose this vulnerability, PPTP must be
enabled on the router. PPTP is disabled by default. No additional
special conditions are required.

An attacker may use this issue to prevent your network
from working properly

This vulnerability is documented as Cisco Bug ID CSCdt46181

Solution :
http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html
Risk factor : High

*** As Nessus solely relied on the banner of the remote host
*** this might be a false positive

Cross-Ref: BugTraq ID: 3022
Common Vulnerability Exposure (CVE) ID: CVE-2001-1183
http://www.securityfocus.com/bid/3022
CERT/CC vulnerability note: VU#656315
http://www.kb.cert.org/vuls/id/656315
Cisco Security Advisory: 20010712 Cisco IOS PPTP Vulnerability
http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html
http://www.osvdb.org/802
XForce ISS Database: cisco-ios-pptp-dos(6835)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6835

Copyright This script is (C) 2002 Renaud Deraison

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.10979
Category:	CISCO
Title:	CSCdt46181
Summary:	NOSUMMARY
Description:	Description: Point-to-Point Tunneling Protocol (PPTP) allows users to tunnel to an Internet Protocol (IP) network using a Point-to-Point Protocol (PPP). The protocol is described in RFC2637. PPTP implementation using Cisco IOS® software releases contains a vulnerability that will crash a router if it receives a malformed or crafted PPTP packet. To expose this vulnerability, PPTP must be enabled on the router. PPTP is disabled by default. No additional special conditions are required. An attacker may use this issue to prevent your network from working properly This vulnerability is documented as Cisco Bug ID CSCdt46181 Solution : http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html Risk factor : High * As Nessus solely relied on the banner of the remote host * this might be a false positive
Cross-Ref:	BugTraq ID: 3022 Common Vulnerability Exposure (CVE) ID: CVE-2001-1183 http://www.securityfocus.com/bid/3022 CERT/CC vulnerability note: VU#656315 http://www.kb.cert.org/vuls/id/656315 Cisco Security Advisory: 20010712 Cisco IOS PPTP Vulnerability http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html http://www.osvdb.org/802 XForce ISS Database: cisco-ios-pptp-dos(6835) https://exchange.xforce.ibmcloud.com/vulnerabilities/6835
Copyright	This script is (C) 2002 Renaud Deraison