LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 25th, 2014
Linux Advisory Watch: July 18th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: pptpd vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service.
=========================================================== 
Ubuntu Security Notice USN-459-1               May 14, 2007
pptpd vulnerability
CVE-2007-0244
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  pptpd                                    1.2.3-1ubuntu0.1

Ubuntu 6.10:
  pptpd                                    1.3.0-1ubuntu1.1

Ubuntu 7.04:
  pptpd                                    1.3.0-2ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the PPTP tunnel server. Remote attackers could 
send a specially crafted packet and disrupt established PPTP tunnels, 
leading to a denial of service.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.1.diff.gz
      Size/MD5:     9525 4652286f82318c860e5e76083d663a7a
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.1.dsc
      Size/MD5:      597 e9625a44d4584da014ad77eba251454f
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3.orig.tar.gz
      Size/MD5:   185721 a521e40ca304b0c125cc25f9b9d03324

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.1_amd64.deb
      Size/MD5:    20370 545e71c0d8b32e871e45e4cfc5b6ad60
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.1_amd64.deb
      Size/MD5:    56580 04a987efa3877a0fceae2edb18b3f9f4

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.1_i386.deb
      Size/MD5:    19594 1799e178a5987452c890d56c52a9be0f
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.1_i386.deb
      Size/MD5:    54090 1ea05584c2e45f278fb8d33af0d5ae6f

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.1_powerpc.deb
      Size/MD5:    20266 8de4f690aa76298f8fd0be5177a6d4ed
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.1_powerpc.deb
      Size/MD5:    58214 9d8bd2969a2fa04a2b7c9aa96d8f907e

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.1_sparc.deb
      Size/MD5:    20050 c4238aecb4637927d17a459cacdfc67e
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.1_sparc.deb
      Size/MD5:    54492 865f4e30dcff960623b51f2b8b7c3606

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-1ubuntu1.1.diff.gz
      Size/MD5:    10658 4cdd436b493b97c08e2d8f9c3f0b8e78
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-1ubuntu1.1.dsc
      Size/MD5:      598 8debde20d9628b9bfd6b31821db08c34
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0.orig.tar.gz
      Size/MD5:   204099 75d494e881f7027f4e60b114163f6b67

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-1ubuntu1.1_amd64.deb
      Size/MD5:    20598 f5560532c5a5223bd564b055bd0abf51
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-1ubuntu1.1_amd64.deb
      Size/MD5:    59582 e42730cfba2837b3c6150ba56d6f9902

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-1ubuntu1.1_i386.deb
      Size/MD5:    20114 b10592444d29719ffd929221d905e25c
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-1ubuntu1.1_i386.deb
      Size/MD5:    57270 a2301734c0e64841c813fc7a98ccd078

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-1ubuntu1.1_powerpc.deb
      Size/MD5:    20758 67b6f33a7b82b79799ebf848b2841862
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-1ubuntu1.1_powerpc.deb
      Size/MD5:    61800 97721f1023449e7748d3cc046d7dae13

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-1ubuntu1.1_sparc.deb
      Size/MD5:    20330 07990d07edc743e826673113a0107c81
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-1ubuntu1.1_sparc.deb
      Size/MD5:    57270 2703d5648dbdb6cc8be04e3af1d73b7c

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-2ubuntu2.1.diff.gz
      Size/MD5:    11874 e81de357dfab8f29c3599625d81fc8cf
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-2ubuntu2.1.dsc
      Size/MD5:      691 8c0d9ed20da4b2d5c7bc0e0d9af7c041
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0.orig.tar.gz
      Size/MD5:   204099 75d494e881f7027f4e60b114163f6b67

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-2ubuntu2.1_amd64.deb
      Size/MD5:    21054 f3435c33df5e7edca459e840b28250ba
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-2ubuntu2.1_amd64.deb
      Size/MD5:    60236 c83890c810e301e953a7e727dea4fb5f

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-2ubuntu2.1_i386.deb
      Size/MD5:    20522 5848f785378f0b6fd5da58c1bb52e0c5
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-2ubuntu2.1_i386.deb
      Size/MD5:    57932 434b72a6df46510351da38769f8daded

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-2ubuntu2.1_powerpc.deb
      Size/MD5:    21712 d9aeb4185431c0f698f70ebd48be067e
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-2ubuntu2.1_powerpc.deb
      Size/MD5:    65494 709ade3791d02115930e5640c1a9ae07

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.3.0-2ubuntu2.1_sparc.deb
      Size/MD5:    21006 a6f1fa7420c618bf629ff0fd5588ce83
    http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.3.0-2ubuntu2.1_sparc.deb
      Size/MD5:    58696 be68b75cd3cf01e5c4bcf79070e1587e


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.