Apple · Ios · CVE-2008-4227
Name of the Vulnerable Software and Affected Versions:
Apple iPhone OS versions 1.0 through 2.1
Apple iPhone OS for iPod touch versions 1.1 through 2.1
Description:
The issue concerns a change in the encryption level of PPTP VPN connections, which is lowered to a level that makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic.
Recommendations:
For Apple iPhone OS versions 1.0 through 2.1, consider disabling PPTP VPN connections until a fix is available.
For Apple iPhone OS for iPod touch versions 1.1 through 2.1, consider disabling PPTP VPN connections until a fix is available.