Unchecked Buffer In PPTP Implementation Could Enable DOS Attacks (Q329834) Network Vulnerability

Summary

Hotfix to fix Unchecked Buffer in PPTP Implementation (Q329834) is not installed. A security vulnerability results in the Windows 2000 and Windows XP implementations because of an unchecked buffer in a section of code that processes the control data used to establish, maintain and tear down PPTP connections. By delivering specially malformed PPTP control data to an affected server, an attacker could corrupt kernel memory and cause the system to fail, disrupting any work in progress on the system. Impact of vulnerability: Denial of service Maximum Severity Rating: Critical Recommendation: Administrators should install the patch immediately. Affected Software: Microsoft Windows 2000 Microsoft Windows XP See http://www.microsoft.com/technet/security/bulletin/ms02-063.mspx

Severity

Classification

CVE CVE-2002-1214

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Microsoft DirectShow Remote Code Execution Vulnerability (961373)
Microsoft .NET Framework Remote Code Execution Vulnerability (3000414)
Cumulative Security Update for Internet Explorer (928090)
Microsoft DirectAccess Security Advisory (2862152)
Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control Vulnerability (2508272)

Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834)

Take action and discover your vulnerabilities