Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft PPTP Buffer Overflow; VPNs Vulnerable

Posted by ryuzaki0 on from the no-rest-for-the-weary-MSCE dept.

An anonymous reader writes "According to this InfoWorld article, a buffer overflow exploit has been discovered for Microsoft's PPTP implementation, which leaves Microsoft VPN solutions vulnerable to exploit. This overflow was discovered by the German security firm Phion; they have posted more info on this page." We might as well throw in yet another remote exploit for FrontPage, too. No, not last week's remote exploits - these are new. Coincidentally, the front group Microsoft organized for the purpose of quashing bug disclosure (that is, reducing Microsoft's bad press) is just now getting underway.

6 of 338 comments (clear)

  1. And its a good thing! by capt.Hij · · Score: 5, Insightful
    The other side of the coin is that limited disclosure disarms the script kiddies and cyber vandals by not giving them an exploit on a plate.

    Thank goodness they will be keeping this information from the people who will do bad things with it. I'm sure that the script kiddies would never share this information with each other! Besides the nice people who are installing these systems really should be on a "need to know" basis anyways....

    Screw the end user.

  2. Who does OIS think they are trying to kid? by snoochyboochy · · Score: 3, Insightful
    From the vnunet article... "The other side of the coin is that limited disclosure disarms the script kiddies and cyber vandals by not giving them an exploit on a plate."

    This kind of information is only going to be considered "handed on a plate" to the inexperienced/newbie script kiddie who poses a minor threat. The kind of person who is going to do real damage, who has the skills and experience to aggressively hack a system is not going to gain anything from public disclosure, they will already know about the exploit. Limiting release only protects the vendor from the incessant cry for a fix..

  3. Re:What can be exploited? by WolfWithoutAClause · · Score: 4, Insightful
    No, they said they can write to the kernel memory; the kernel is the heart of the operating system. If you can make modifications to the kernel, you can usually do anything- in Linux terms: you're 'root'.

    This is an extremely bad bug; VPN software is deployed to protect intranets whilst allowing machines outside to connect- often it is the only thing between an intranet and the outside world.

    This is a really, really worrying thing; if an exploit rather than just a DOS exists, and they indicate that they think it probably is there, it's a huge hole in tens of thousands of firewalls worldwide.

    You've always got a choice; open source, or open wallet; now you've got open firewall too, thrown in at no extra charge. Nice!

    --

    -WolfWithoutAClause

    "Gravity is only a theory, not a fact!"
  4. Doomsday? by __aadhrk6380 · · Score: 5, Insightful

    Sure, sloppy code and security holes are as bad as watered down drinks at a topless bar, but don't we get paid to stop crap like that from being perpetrated on our networks? Microsoft makes me look like a hero as far as security goes.

    Yes, Mr. Customer, I did charge you quite a bit, but I have enclosed a listing of the bugs and security flaws that I patched while I was here. These are things you usually never know about until you get burned by them, but I feel I owe it to you to stay on top of them and help you stay current...

    Microsoft+Bugs+Patches=Value added for me

    Keep up the good work, Bill!

  5. How many are buffer overflows? by Trinition · · Score: 4, Insightful

    I'd be curious to know how many are buffer overflows. Seems like at least 50% are. What would it take for Microsot to incur the overhead of checking array bounds? Java seems to do this implicitly, and it works OK for tons of applications. Ever heard of a buffer overflow EXPLOIT in Java (sure, you could get an ArrayIndexOutOfBoundsException, but it wouldn't let arbitrary code run).

  6. Re:Slashdot Exclusive: Software Not Perfect by Ralph+Wiggam · · Score: 5, Insightful

    Your sarcasm is noted.

    I write code and I've let more bugs out than I could possibly remember. They happen, it's part of the game. But two things make this type of thing mock-worthy. 1) MS has more net worth than most countries. They need to be held to a standard that their size and resources dictates. 2) Bill has quite publicly stated that security is now their number one priority. I for one have not seen any improvement in that department.

    -B