Sign-up

ID

VAR-200107-0085


CVE

CVE-2001-1183


TITLE

Cisco IOS vulnerable to DoS via crafted PPTP packet sent to port 1723/tcp

Trust: 0.8

sources: CERT/CC: VU#656315

DESCRIPTION

PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. IOS functions on numerous Cisco devices, including routers and switches. The problem occurs when a malformed PPTP packet is sent to port 1723 on the router. If this occurs, the router must be reset to regain normal functionality. The PPTP implementation in Cisco IOS Releases 12.1 and 12.2 is vulnerable

Trust: 2.7

sources: NVD: CVE-2001-1183 // CERT/CC: VU#656315 // JVNDB: JVNDB-2001-000113 // BID: 3022 // VULHUB: VHN-3988

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 2.7

vendor:ciscomodel:iosscope:eqversion:12.1ez

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.2xq

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1t

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.2t

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1ya

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.2xe

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1yd

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1e

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.1yc

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.2xd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.2xa

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.2xh

Trust: 1.0

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 0.8

vendor:ciscomodel:ios 12.2xqscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xdscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ydscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ycscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ezscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1escope: - version: -

Trust: 0.3

sources: CERT/CC: VU#656315 // BID: 3022 // JVNDB: JVNDB-2001-000113 // CNNVD: CNNVD-200107-079 // NVD: CVE-2001-1183

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2001-1183
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#656315
value: 20.79

Trust: 0.8

NVD: CVE-2001-1183
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200107-079
value: MEDIUM

Trust: 0.6

VULHUB: VHN-3988
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2001-1183
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-3988
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#656315 // VULHUB: VHN-3988 // JVNDB: JVNDB-2001-000113 // CNNVD: CNNVD-200107-079 // NVD: CVE-2001-1183

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1183

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200107-079

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200107-079

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2001-000113

PATCH
title:PPTP-vulnerability-puburl:http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html
Trust: 0.8
title:2001-07-12-00url:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/PPTP-vulnerability-pub-j.shtml
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2001-000113

EXTERNAL IDS
db:BIDid:3022
Trust: 3.6
db:CERT/CCid:VU#656315
Trust: 3.3
db:NVDid:CVE-2001-1183
Trust: 2.5
db:OSVDBid:802
Trust: 1.7
db:JVNDBid:JVNDB-2001-000113
Trust: 0.8
db:CNNVDid:CNNVD-200107-079
Trust: 0.7
db:CISCOid:20010712 CISCO IOS PPTP VULNERABILITY
Trust: 0.6
db:XFid:6835
Trust: 0.6
db:VULHUBid:VHN-3988
Trust: 0.1
sources:
            
            
            CERT/CC: VU#656315 // 
            
            
            
            VULHUB: VHN-3988 // 
            
            
            
            BID: 3022 // 
            
            
            
            JVNDB: JVNDB-2001-000113 // 
            
            
            
            CNNVD: CNNVD-200107-079 // 
            
            
            
            NVD: CVE-2001-1183

REFERENCES
url:http://www.securityfocus.com/bid/3022
Trust: 3.3
url:http://www.cisco.com/warp/public/707/pptp-vulnerability-pub.html
Trust: 2.5
url:http://www.kb.cert.org/vuls/id/656315
Trust: 2.5
url:http://www.osvdb.org/802
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/6835
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-1183
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-1183
Trust: 0.8
url:http://xforce.iss.net/static/6835.php
Trust: 0.6
sources:
            
            
            CERT/CC: VU#656315 // 
            
            
            
            VULHUB: VHN-3988 // 
            
            
            
            JVNDB: JVNDB-2001-000113 // 
            
            
            
            CNNVD: CNNVD-200107-079 // 
            
            
            
            NVD: CVE-2001-1183

CREDITS
Published in a Cisco Security Advisory on July 12, 2001.
Trust: 0.3
sources:
            
            
            BID: 3022

SOURCES
db:CERT/CCid:VU#656315
db:VULHUBid:VHN-3988
db:BIDid:3022
db:JVNDBid:JVNDB-2001-000113
db:CNNVDid:CNNVD-200107-079
db:NVDid:CVE-2001-1183

LAST UPDATE DATE
2024-08-14T15:20:22.283000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#656315date:2004-02-23T00:00:00
db:VULHUBid:VHN-3988date:2017-10-10T00:00:00
db:BIDid:3022date:2001-07-12T00:00:00
db:JVNDBid:JVNDB-2001-000113date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200107-079date:2005-05-02T00:00:00
db:NVDid:CVE-2001-1183date:2017-10-10T01:30:01.797

SOURCES RELEASE DATE
db:CERT/CCid:VU#656315date:2001-07-29T00:00:00
db:VULHUBid:VHN-3988date:2001-07-12T00:00:00
db:BIDid:3022date:2001-07-12T00:00:00
db:JVNDBid:JVNDB-2001-000113date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200107-079date:2001-07-12T00:00:00
db:NVDid:CVE-2001-1183date:2001-07-12T04:00:00