Alias(es)Microsoft.PPTP.Start.Control.Request.Buffer.Overflow |
Release DateJul 18, 2006 |
Severityhigh |
ImpactSystem CompromiseDenial of Service |
DescriptionIndicates a possible attempt at exploiting a buffer overflow vulnerability in the Microsoft PPTP Service on Windows XP and Windows 2000. An attacker may send a carefully crafted packet that may cause memory to be corrupted with the malformed control data and send it to the PPTP process. This may result in a denial of service or possibly execute the attacker-supplied malicious code. |
Affected ProductsMicrosoft Windows XP Home/Professional SP1Microsoft Windows XP Home/Professional Microsoft Windows XP 64-bit Edition SP1 Microsoft Windows XP 64-bit Edition Microsoft Windows 2000 Professional/Server SP1 - SP3 Microsoft Windows 2000 Professional/Server Microsoft Windows 2000 Advanced/Datacenter Server SP1 - SP3 Microsoft Windows 2000 Advanced/Datacenter Server |
Recommended ActionsMicrosoft has released a critical update, MS02-063, that fixes this vulnerability. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2002-1214 |
Reference/shttp://www.securityfocus.com/bid/5807 (BugTraq)http://technet.microsoft.com/en-us/security/bulletin/MS02-063.mspx (MS-ID) |
