http://www.eweek.com/article2/0,3959,560113,00.asp
VPN Flaw Could Clear Way for Hackers
By Dennis Fisher
There is a serious flaw in the VPN service included with Windows 2000 and
XP that could provide an attacker with a clear path through corporate
firewalls, according to an Austrian security company.

The VPN (virtual private network) client and server that ship with
Windows 2000 and XP use the PPTP (point-to-point tunneling protocol) for
secure transmissions between remote clients and the server inside the
firewall. Researchers at Phion Information Technologies have found a way
to send a specially crafted PPTP packet to the server, which results in a
buffer overrun.

The exploit would result in the attacker's data overwriting a portion of
the machine's kernel memory, Phion said in its bulletin. However, a
Microsoft spokesman said the company's Security Response Center has been
unable to reproduce the code-execution exploit. As of Friday afternoon,
the company was still investigating the issue.

Phion also said it had used the exploit to cause a denial-of-service on
machines running Windows 2000 Service Pack 3 or XP. Microsoft has not
issued a patch for the vulnerability.

If what Phion says is true, the vulnerability is potentially a very
damaging one. VPNs are typically used by remote corporate workers who
need secure access to their companies' networks. An attacker exploiting
this flaw would have a clear, secure tunnel directly into the heart of a
vulnerable network.

Phion posted its advisory to the BugTraq security mailing list Thursday.