ID CVE-2007-0244
Summary pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued.
References
Vulnerable Configurations
  • Debian GNU/Linux 4.0
    cpe:2.3:o:debian:debian_linux:4.0
  • cpe:2.3:o:debian:debian_linux:4.0:-:alpha
    cpe:2.3:o:debian:debian_linux:4.0:-:alpha
  • cpe:2.3:o:debian:debian_linux:4.0:-:amd64
    cpe:2.3:o:debian:debian_linux:4.0:-:amd64
  • cpe:2.3:o:debian:debian_linux:4.0:-:arm
    cpe:2.3:o:debian:debian_linux:4.0:-:arm
  • cpe:2.3:o:debian:debian_linux:4.0:-:hppa
    cpe:2.3:o:debian:debian_linux:4.0:-:hppa
  • cpe:2.3:o:debian:debian_linux:4.0:-:ia-32
    cpe:2.3:o:debian:debian_linux:4.0:-:ia-32
  • cpe:2.3:o:debian:debian_linux:4.0:-:ia-64
    cpe:2.3:o:debian:debian_linux:4.0:-:ia-64
  • cpe:2.3:o:debian:debian_linux:4.0:-:m68k
    cpe:2.3:o:debian:debian_linux:4.0:-:m68k
  • cpe:2.3:o:debian:debian_linux:4.0:-:mips
    cpe:2.3:o:debian:debian_linux:4.0:-:mips
  • cpe:2.3:o:debian:debian_linux:4.0:-:mipsel
    cpe:2.3:o:debian:debian_linux:4.0:-:mipsel
  • cpe:2.3:o:debian:debian_linux:4.0:-:powerpc
    cpe:2.3:o:debian:debian_linux:4.0:-:powerpc
  • cpe:2.3:o:debian:debian_linux:4.0:-:s390
    cpe:2.3:o:debian:debian_linux:4.0:-:s390
  • cpe:2.3:o:debian:debian_linux:4.0:-:sparc
    cpe:2.3:o:debian:debian_linux:4.0:-:sparc
  • cpe:2.3:a:poptop:pptp_server:1.3.3
    cpe:2.3:a:poptop:pptp_server:1.3.3
CVSS
Base: 5.0 (as of 11-05-2007 - 09:09)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PPTPD-3284.NASL
    description Specially crafted GRE packets can crash pptpd (CVE-2007-0244).
    last seen 2018-09-01
    modified 2018-07-19
    plugin id 27403
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27403
    title openSUSE 10 Security Update : pptpd (pptpd-3284)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200705-18.NASL
    description The remote host is affected by the vulnerability described in GLSA-200705-18 (PPTPD: Denial of Service attack) James Cameron from HP has reported a vulnerability in PPTPD caused by malformed GRE packets. Impact : A remote attacker could exploit this vulnerability to cause a Denial of Service on the PPTPD connection. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 25263
    published 2007-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25263
    title GLSA-200705-18 : PPTPD: Denial of Service attack
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-459-1.NASL
    description A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28057
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28057
    title Ubuntu 6.06 LTS / 6.10 / 7.04 : pptpd vulnerability (USN-459-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-459-2.NASL
    description USN-459-1 fixed vulnerabilities in pptpd. However, a portion of the fix caused a regression in session establishment under Dapper for certain PPTP clients. This update fixes the problem. We apologize for the inconvenience. A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28058
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28058
    title Ubuntu 6.06 LTS : pptpd vulnerabilities (USN-459-2)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1288.NASL
    description It was discovered that the PoPToP Point to Point Tunneling Server contains a programming error, which allows the tear-down of a PPTP connection through a malformed GRE packet, resulting in denial of service. The oldstable distribution (sarge) is not affected by this problem.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25177
    published 2007-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25177
    title Debian DSA-1288-1 : pptpd - programming error
refmap via4
bid 23886
confirm http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827
debian DSA-1288
gentoo GLSA-200705-18
sectrack 1018064
secunia
  • 25220
  • 25255
  • 26987
suse
  • SUSE-SR:2007:010
  • SUSE-SR:2007:019
trustix 2007-0017
ubuntu
  • USN-459-1
  • USN-459-2
vupen ADV-2007-1743
Last major update 07-03-2011 - 21:49
Published 11-05-2007 - 00:19
Back to Top