=========================================================== Ubuntu Security Notice USN-459-2 May 21, 2007 pptpd vulnerabilities https://launchpad.net/bugs/115448 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: bcrelay 1.2.3-1ubuntu0.2 pptpd 1.2.3-1ubuntu0.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-459-1 fixed vulnerabilities in pptpd. However, a portion of the fix caused a regression in session establishment under Dapper for certain PPTP clients. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service.