CVE-2016-6398

Name of the Vulnerable Software and Affected Versions Cisco IOS version 15.5(3)M

Description A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) server functionality in Cisco IOS Software could allow an unauthenticated, remote attacker to access data from a packet buffer that was previously used. The vulnerability is due to the use of a previously used packet buffer whose content was not cleared from memory. An attacker could exploit this vulnerability by sending a PPTP connection request to a device that is running a vulnerable release of the affected software and is configured for PPTP server functionality. A successful exploit could allow the attacker to access up to 63 bytes of memory that were previously used for a packet and were either destined to the device or generated by the device.

Recommendations As a temporary workaround, consider disabling the PPTP server functionality until a patch is available. Restrict access to the PPTP connection request to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.