PT-2008-5520 · Apple · Ios+1
Stephen Butler
·
Published
2008-11-25
·
Updated
2022-08-09
·
CVE-2008-4227
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Apple iPhone OS versions 1.0 through 2.1
Apple iPhone OS for iPod touch versions 1.1 through 2.1
Description:
The issue concerns a change in the encryption level of PPTP VPN connections, which is lowered to a level that makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic.
Recommendations:
For Apple iPhone OS versions 1.0 through 2.1, consider disabling PPTP VPN connections until a fix is available.
For Apple iPhone OS for iPod touch versions 1.1 through 2.1, consider disabling PPTP VPN connections until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ios
Iphone Os For Ipod Touch