When scanning RouterOS 5.25 again Qualys FreeScan Vulnerability Scan service, it reported
PoPToP PPTP Negative read() Argument Remote Buffer Overflow Vulnerability
CVE ID: CVE-2003-0213 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0213
Impact:
Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code with the privileges of the affected server, potentially root.
Solution:
The vendor released updated versions of PPTP server to address this vulnerability. Upgrade as soon as possible to a PoPToP version that is not vulnerable. A not vulnerable version is available for download from http://prdownloads.sourceforge.net/poptop/pptpd-1.1.4-b4.tar.gz?download .
Results:
Vendor string:MikroTik length:0x1400