CVE-2007-0244

Name of the Vulnerable Software and Affected Versions pptpd versions prior to 1.3.4

Description The issue allows remote attackers to cause a denial of service, specifically a PPTP connection tear-down, via certain GRE packets. This can be achieved by sending GRE packets with out-of-order sequence numbers or certain GRE packets that are processed using a wrong pointer and improperly dequeued. The vulnerability can be exploited remotely, potentially leading to a disruption in the availability of protected information.

Recommendations For versions prior to 1.3.4, update to version 1.3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the PPTP connection to minimize the risk of exploitation.