OpenVPN Multiple Remote Denial of Service Vulnerabilities
Multiple vulnerabilities were identified in OpenVPN, which could be exploited by remote attackers to cause a denial of service.
The OpenSSL error queue is not properly flushed when a client connection fails the certificate validation, which could cause the server to disconnect unrelated clients. The server is vulnerable when running with "verb 0" and without "tls-auth".
The OpenSSL error queue is not properly flushed when processing specially crafted packets sent by an authenticated client, which could cause the server to disconnect unrelated clients.
A client in "dev tap" ethernet bridging mode could flood the server with packets appearing to come from different MAC addresses, which could cause the OpenVPN server to deplete system virtual memory.
A race condition when two or more clients try to connect to the server at the same time via TCP using the same client certificate could cause the server to crash. OpenVPN is vulnerable when "--duplicate-cn" is not enabled.
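The configuration conditions named above can be checked mechanically on a server that still runs an affected version. The following is an added example, not part of the original advisory or of OpenVPN: the function names and the sample configuration are constructed for illustration, and the packet-processing issue is not covered because the advisory ties it to no configuration directive.

```python
# Added example: flags the server-config conditions the advisory names.
SAMPLE = """\
# constructed sample server config
proto tcp-server
dev tap0
verb 0
ca ca.crt
"""


def parse_directives(text):
    """Return {directive: [args, ...]} parsed from OpenVPN config text."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or full-line comment
        for mark in (" #", " ;"):  # naive trailing-comment strip (ignores quoting)
            line = line.split(mark, 1)[0]
        parts = line.split()
        name = parts[0].lstrip("-")  # tolerate command-line style "--duplicate-cn"
        directives.setdefault(name, []).append(parts[1:])
    return directives


def audit(text):
    """Return the advisory conditions that this config matches."""
    d = parse_directives(text)
    last = lambda name: (d.get(name) or [[]])[-1]  # args of last occurrence
    findings = []
    if last("verb")[:1] == ["0"] and "tls-auth" not in d:
        findings.append("verb 0 without tls-auth: a failed certificate "
                        "validation can disconnect unrelated clients")
    dev = last("dev")[:1]
    if dev and dev[0].startswith("tap"):
        findings.append("dev tap: flooding with many source MAC addresses "
                        "can deplete server virtual memory")
    proto = last("proto")[:1]
    if proto and proto[0].startswith("tcp") and "duplicate-cn" not in d:
        findings.append("TCP without duplicate-cn: simultaneous connections "
                        "with one client certificate can crash the server")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("EXPOSED:", finding)
```

A finding only indicates exposure on versions prior to 2.0.1; the fix remains the upgrade described under Solution.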
Affected Products
OpenVPN versions prior to 2.0.1
Solution
Upgrade to OpenVPN version 2.0.1:
http://openvpn.net/download.html
References
http://www.vupen.com/english/advisories/2005/1469
Credits
Vulnerabilities reported by the vendor
ChangeLog
2005-08-19 : Initial release