Bugtraq mailing list archives
Microsoft Security Bulletin (MS01-009) Malformed PPTP Packet Stream Vulnerability
From: Kirk Corey <kcorey () dsi-inc net>
Date: Sat, 17 Feb 2001 14:19:44 -0600
Microsoft has re-released the patch for the Malformed PPTP Packet Stream Vulnerability. We'll release our full advisory (with exploit) next week (bad form to release on the weekend.)

In the meantime, in order to help people decide whether they need to apply the patch, I'd like to clarify a few points.

The bulletin/FAQ only lists NT Server versions as vulnerable. In fact, NT Workstation is also vulnerable if PPTP is configured in server mode (i.e., configured to accept an incoming PPTP connection). If your NT Workstation is configured in this way, it may need to be patched.

Also, the FAQ states that several hundred packets are not enough to exploit the vulnerability. Actually, the patch fixes two vulnerabilities in the NT PPTP component, one of which requires e.g., 400,000 packets to exploit, and the other only about 10-50.

Just wanted to give the whitehats a good "heads up" before distributing the full details and exploit.

The complete advisory will be available next week from our Web site at http://www.dsi-inc.net/dsi , and it will also be submitted to Bugtraq and NTBugtraq at the same time.

--------------------------------------------
Kirk Corey, MCP, CCNA
Manager, Information Technologies
Diversified Software Industries, Inc.