| VID |
29039 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco IOS has a PPTP denial of service vulnerability (Cisco Bug ID CSCdt46181). Point-to-point Tunneling Protocol (PPTP) is a protocol designed to provide secure remote connections over insecure channels. By repeatedly exploiting this vulnerability, it is possible to cause permanent Denial of Service (DoS). This denial is not only of the PPTP functionality but the whole router will stop functioning.
By sending a crafted PPTP packet to port 1723, a control PPTP port, it is possible to crash the router. This vulnerability does not require special router configuration. Enabling PPTP is sufficient to expose the vulnerability. The router will crash after it receives a single packet.
* Note: This check solely relies on the version number of the remote system to assess this vulnerability, so this may be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html
http://www.kb.cert.org/vuls/id/656315
* Platforms Affected:
Cisco IOS 12.1E
Cisco IOS 12.1EZ
Cisco IOS 12.1T
Cisco IOS 12.1YA
Cisco IOS 12.1YC
Cisco IOS 12.1YD
Cisco IOS 12.2
Cisco IOS 12.2T
Cisco IOS 12.2XA
Cisco IOS 12.2XD
Cisco IOS 12.2XE
Cisco IOS 12.2XH
Cisco IOS 12.2XQ |
| Recommendation |
Upgrade to the fixed versions of Cisco IOS, as listed in Cisco Security Advisory at:
http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html
Upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com . |
| Related URL |
CVE-2001-1183 (CVE) |
| Related URL |
3022 (SecurityFocus) |
| Related URL |
6835 (ISS) |
|
