Unchecked Buffer In PPTP Implementation Could Enable DOS Attacks (Q329834) Network Vulnerability

Summary

Hotfix to fix Unchecked Buffer in PPTP Implementation (Q329834) is not installed. A security vulnerability results in the Windows 2000 and Windows XP implementations because of an unchecked buffer in a section of code that processes the control data used to establish, maintain and tear down PPTP connections. By delivering specially malformed PPTP control data to an affected server, an attacker could corrupt kernel memory and cause the system to fail, disrupting any work in progress on the system. Impact of vulnerability: Denial of service Maximum Severity Rating: Critical Recommendation: Administrators should install the patch immediately. Affected Software: Microsoft Windows 2000 Microsoft Windows XP See http://www.microsoft.com/technet/security/bulletin/ms02-063.mspx

Severity

Classification

CVE CVE-2002-1214

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Buffer Overrun in Messenger Service (828035)
Cumulative Patch for Internet Information Services (Q327696)
Microsoft .NET Framework Privilege Elevation Vulnerability (3005210)
Microsoft .NET Framework Remote Code Execution Vulnerability (2706726)
Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834)

Take action and discover your vulnerabilities