No subject

Sun Jul 8 18:14:56 CDT 2012

etc etc aren't encrypted (not 100% confimed) and you still end up with the
normal CHAP authentiction which can be cracked too.. (must find that URL
where I found this, Doh!)

This is why we highly suggest to use 128Bit encryption.

pptp 1.0.1 is buggy anyway and we mostly suggest using 1.1.2 though it
wouldn't surprise me if it returns errors too..

-----Original Message-----
From: Matthieu PARISOT [mailto:matthieu at]
Sent: Thursday, September 13, 2001 1:33 AM
To: pptp-server at
Subject: [pptp-server] Is pptpd code secure?

Hi everybody,

I have used its4 ( ) to audit pptpd-1.0.1
source archive;

The dump is attached is attached with the mail.
Could anyone with a good knowledge of pptpd sources check this dump and
tells us if there's something wrong?
Is it possible to an attacker to pass arguments to pptpctrl (using a
home made pptp client) ?


More information about the pptp-server mailing list