=========================================================== Ubuntu Security Notice USN-459-2 May 21, 2007 pptpd vulnerabilities https://launchpad.net/bugs/115448 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: bcrelay 1.2.3-1ubuntu0.2 pptpd 1.2.3-1ubuntu0.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-459-1 fixed vulnerabilities in pptpd. However, a portion of the fix caused a regression in session establishment under Dapper for certain PPTP clients. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.2.diff.gz Size/MD5: 9454 2d77f7325b22f11bc934caae910d6235 http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.2.dsc Size/MD5: 597 99180d1dd8b3fb5d18f200bcec669beb http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3.orig.tar.gz Size/MD5: 185721 a521e40ca304b0c125cc25f9b9d03324 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.2_amd64.deb Size/MD5: 20470 3f21f2728e3ea23ee38316f5441d6d8d http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.2_amd64.deb Size/MD5: 56676 b87a21300d9010e1a4bd38dfcc72963d i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.2_i386.deb Size/MD5: 19702 79dec9218e4c44ce9ab75ceb609494ff http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.2_i386.deb Size/MD5: 54228 0801f14c705396544b024417a9edd53a powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.2_powerpc.deb Size/MD5: 20368 d2e318aa804d06c3a9fa84f17d0a582c http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.2_powerpc.deb Size/MD5: 58308 52095cfefa517a7e6fa22bdf4d6a148e sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/bcrelay_1.2.3-1ubuntu0.2_sparc.deb Size/MD5: 20142 61d2f4e9a005ab87646006fc12fe9d72 http://security.ubuntu.com/ubuntu/pool/main/p/pptpd/pptpd_1.2.3-1ubuntu0.2_sparc.deb Size/MD5: 54602 d6ff36cf5d38e0c453941f89559b09f2