Unchecked Buffer Could Enable DoS Attacks

By TS | Thomas
Oct 31, 2002
  1. Issue:
    Windows 2000 & Windows XP natively support Point-to-Point Tunneling Protocol (PPTP), a Virtual Private Networking technology that is implemented as part of Remote Access Services (RAS). PPTP support is an optional component in Windows NT 4.0, Windows 98, Windows 98SE, & Windows ME.

    A security vulnerability results in the Windows 2000 & Windows XP implementations because of an unchecked buffer in a section of code that processes the control data used to establish, maintain & tear down PPTP connections. By delivering specially malformed PPTP control data to an affected server, an attacker could corrupt kernel memory & cause the system to fail, disrupting any work in progress on the system.

    Affected Software:
    Microsoft Windows 2000
    Microsoft Windows XP

    Patch availability:
    Microsoft Windows 2000
    Microsoft Windows XP 32-bit
    Windows XP 64-bit
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...