CVE-2003-0213

Name of the Vulnerable Software and Affected Versions: PPTP server versions prior to 1.1.4-b3

Description: The issue allows remote attackers to cause a denial of service. This is achieved by setting a length field to 0 or 1, which results in a negative value being used in a read operation, leading to a buffer overflow.

Recommendations: For versions prior to 1.1.4-b3, update to version 1.1.4-b3 or later to resolve the issue. As a temporary workaround, consider restricting access to the ctrlpacket.c module to minimize the risk of exploitation.