Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
PPTP detection and versioning
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Created
Created
Modified
Modified
Summary
The remote host seems to be running a PPTP (VPN) service, this service allows remote users to connect to the internal network and play a trusted rule in it. This service should be protect with encrypted username & password combinations, and should be accessible only to trusted individuals. By default the service leaks out such information as Server version (PPTP version), Hostname and Vendor string this could help an attacker better prepare her next attack. Also note that PPTP is not configured as being cryptographically secure, and you should use another VPN method if you can
Solution
Solution
Restrict access to this port from untrusted networks. Make sure only encrypt channels are allowed through the PPTP (VPN) connection.