Lucene search
HistoryDec 03, 2014 - 6:59 p.m.
CVE-2014-8104
openvpn
server crash
denial of service
small control channel packet
cve-2014-8104
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
5.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.3%
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
Affected configurations
Node
mageiamageiaMatch4.0
Node
debiandebian_linuxMatch7.0
ORdebiandebian_linuxMatch8.0
Node
opensuseopensuseMatch12.3
ORopensuseopensuseMatch13.1
ORopensuseopensuseMatch13.2
Node
openvpnopenvpnMatch2.0.1_rc1
ORopenvpnopenvpnMatch2.0.1_rc2
ORopenvpnopenvpnMatch2.0.1_rc3
ORopenvpnopenvpnMatch2.0.1_rc4
ORopenvpnopenvpnMatch2.0.1_rc5
ORopenvpnopenvpnMatch2.0.1_rc6
ORopenvpnopenvpnMatch2.0.1_rc7
ORopenvpnopenvpnMatch2.0.2_rc1
ORopenvpnopenvpnMatch2.0.3_rc1
ORopenvpnopenvpnMatch2.0.4
ORopenvpnopenvpnMatch2.0.6_rc1
ORopenvpnopenvpnMatch2.0.9
ORopenvpnopenvpnMatch2.0_rc1
ORopenvpnopenvpnMatch2.0_rc2
ORopenvpnopenvpnMatch2.0_rc3
ORopenvpnopenvpnMatch2.0_rc4
ORopenvpnopenvpnMatch2.0_rc5
ORopenvpnopenvpnMatch2.0_rc6
ORopenvpnopenvpnMatch2.0_rc7
ORopenvpnopenvpnMatch2.0_rc8
ORopenvpnopenvpnMatch2.0_rc9
ORopenvpnopenvpnMatch2.0_rc10
ORopenvpnopenvpnMatch2.0_rc11
ORopenvpnopenvpnMatch2.0_rc12
ORopenvpnopenvpnMatch2.0_rc13
ORopenvpnopenvpnMatch2.0_rc14
ORopenvpnopenvpnMatch2.0_rc15
ORopenvpnopenvpnMatch2.0_rc16
ORopenvpnopenvpnMatch2.0_rc17
ORopenvpnopenvpnMatch2.0_rc18
ORopenvpnopenvpnMatch2.0_rc19
ORopenvpnopenvpnMatch2.0_rc20
ORopenvpnopenvpnMatch2.0_rc21
ORopenvpnopenvpnMatch2.0_test1
ORopenvpnopenvpnMatch2.0_test2
ORopenvpnopenvpnMatch2.0_test3
ORopenvpnopenvpnMatch2.0_test4
ORopenvpnopenvpnMatch2.0_test5
ORopenvpnopenvpnMatch2.0_test6
ORopenvpnopenvpnMatch2.0_test7
ORopenvpnopenvpnMatch2.0_test8
ORopenvpnopenvpnMatch2.0_test9
ORopenvpnopenvpnMatch2.0_test10
ORopenvpnopenvpnMatch2.0_test11
ORopenvpnopenvpnMatch2.0_test12
ORopenvpnopenvpnMatch2.0_test14
ORopenvpnopenvpnMatch2.0_test15
ORopenvpnopenvpnMatch2.0_test16
ORopenvpnopenvpnMatch2.0_test17
ORopenvpnopenvpnMatch2.0_test18
ORopenvpnopenvpnMatch2.0_test19
ORopenvpnopenvpnMatch2.0_test20
ORopenvpnopenvpnMatch2.0_test21
ORopenvpnopenvpnMatch2.0_test22
ORopenvpnopenvpnMatch2.0_test23
ORopenvpnopenvpnMatch2.0_test24
ORopenvpnopenvpnMatch2.0_test25
ORopenvpnopenvpnMatch2.0_test26
ORopenvpnopenvpnMatch2.0_test27
ORopenvpnopenvpnMatch2.0_test28
ORopenvpnopenvpnMatch2.0_test29
ORopenvpnopenvpnMatch2.1beta-1
ORopenvpnopenvpnMatch2.1beta-10
ORopenvpnopenvpnMatch2.1beta-11
ORopenvpnopenvpnMatch2.1beta-12
ORopenvpnopenvpnMatch2.1beta-13
ORopenvpnopenvpnMatch2.1beta-14
ORopenvpnopenvpnMatch2.1beta-15
ORopenvpnopenvpnMatch2.1beta-16
ORopenvpnopenvpnMatch2.1beta-2
ORopenvpnopenvpnMatch2.1beta-3
ORopenvpnopenvpnMatch2.1beta-4
ORopenvpnopenvpnMatch2.1beta-5
ORopenvpnopenvpnMatch2.1beta-6
ORopenvpnopenvpnMatch2.1beta-7
ORopenvpnopenvpnMatch2.1beta-8
ORopenvpnopenvpnMatch2.1beta-9
ORopenvpnopenvpnMatch2.1rc_1
ORopenvpnopenvpnMatch2.1rc_10
ORopenvpnopenvpnMatch2.1rc_11
ORopenvpnopenvpnMatch2.1rc_12
ORopenvpnopenvpnMatch2.1rc_13
ORopenvpnopenvpnMatch2.1rc_14
ORopenvpnopenvpnMatch2.1rc_15
ORopenvpnopenvpnMatch2.1rc_16
ORopenvpnopenvpnMatch2.1rc_17
ORopenvpnopenvpnMatch2.1rc_18
ORopenvpnopenvpnMatch2.1rc_19
ORopenvpnopenvpnMatch2.1rc_2
ORopenvpnopenvpnMatch2.1rc_20
ORopenvpnopenvpnMatch2.1rc_21
ORopenvpnopenvpnMatch2.1rc_22
ORopenvpnopenvpnMatch2.1rc_3
ORopenvpnopenvpnMatch2.1rc_4
ORopenvpnopenvpnMatch2.1rc_5
ORopenvpnopenvpnMatch2.1rc_6
ORopenvpnopenvpnMatch2.1rc_7
ORopenvpnopenvpnMatch2.1rc_8
ORopenvpnopenvpnMatch2.1rc_9
ORopenvpnopenvpnMatch2.1.0
ORopenvpnopenvpnMatch2.1.1
ORopenvpnopenvpnMatch2.1.2
ORopenvpnopenvpnMatch2.1.3
ORopenvpnopenvpnMatch2.1.4
ORopenvpnopenvpnMatch2.2beta1
ORopenvpnopenvpnMatch2.2beta2
ORopenvpnopenvpnMatch2.2beta3
ORopenvpnopenvpnMatch2.2beta4
ORopenvpnopenvpnMatch2.2beta5
ORopenvpnopenvpnMatch2.2.0
ORopenvpnopenvpnMatch2.2.1
ORopenvpnopenvpnMatch2.2.2
ORopenvpnopenvpnMatch2.3alpha1
ORopenvpnopenvpnMatch2.3alpha2
ORopenvpnopenvpnMatch2.3alpha3
ORopenvpnopenvpnMatch2.3beta1
ORopenvpnopenvpnMatch2.3rc1
ORopenvpnopenvpnMatch2.3rc2
ORopenvpnopenvpnMatch2.3.0
ORopenvpnopenvpnMatch2.3.1
ORopenvpnopenvpnMatch2.3.2
ORopenvpnopenvpnMatch2.3.3
ORopenvpnopenvpnMatch2.3.4
ORopenvpnopenvpnMatch2.3.5
ORopenvpnopenvpn_access_serverMatch2.0.0
ORopenvpnopenvpn_access_serverMatch2.0.1
ORopenvpnopenvpn_access_serverMatch2.0.2
ORopenvpnopenvpn_access_serverMatch2.0.3
ORopenvpnopenvpn_access_serverMatch2.0.5
ORopenvpnopenvpn_access_serverMatch2.0.6
ORopenvpnopenvpn_access_serverMatch2.0.7
ORopenvpnopenvpn_access_serverMatch2.0.8
ORopenvpnopenvpn_access_serverMatch2.0.10
Node
canonicalubuntu_linuxMatch12.04lts
ORcanonicalubuntu_linuxMatch14.04lts
ORcanonicalubuntu_linuxMatch14.10
| CPE | Name | Operator | Version |
|---|---|---|---|
| mageia:mageia | mageia | eq | 4.0 |
References
Related
nessus
nessus
Mandriva Linux Security Advisory : openvpn (MDVSA-2014:246)
2014-12-15 00:00:00
SuSE 11.3 Security Update : OpenVPN (SAT Patch Number 10061)
2014-12-09 00:00:00
Ubuntu 14.04 LTS : OpenVPN vulnerability (USN-2430-1)
2014-12-03 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-459)
2015-09-08 00:00:00
openSUSE: Security Advisory for openvpn (openSUSE-SU-2014:1594-1)
2014-12-09 00:00:00
Fedora Update for openvpn FEDORA-2014-16273
2014-12-14 00:00:00
debiancve
debiancve
CVE-2014-8104
2014-12-03 18:59:00
osv
osv
openvpn - security update
2014-12-01 00:00:00
nvd
nvd
CVE-2014-8104
2014-12-03 18:59:00
amazon
amazon
Medium: openvpn
2014-12-10 13:25:00
fedora
fedora
[SECURITY] Fedora 20 Update: openvpn-2.3.6-1.fc20
2014-12-13 09:43:06
[SECURITY] Fedora 21 Update: openvpn-2.3.6-1.fc21
2014-12-12 04:14:16
[SECURITY] Fedora 20 Update: pkcs11-helper-1.11-3.fc20
2014-12-13 09:43:05
prion
prion
Code injection
2014-12-03 18:59:00
freebsd
freebsd
OpenVPN -- denial of service security vulnerability
2014-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2014-8104
2014-12-01 00:00:00
cvelist
cvelist
CVE-2014-8104
2014-12-03 18:00:00
ubuntu
ubuntu
OpenVPN vulnerability
2014-12-02 00:00:00
securityvulns
securityvulns
OpenVPN DoS
2014-12-02 00:00:00
[USN-2430-1] OpenVPN vulnerability
2014-12-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openvpn version 2.3.6-alt1
2015-01-15 00:00:00
slackware
slackware
[slackware-security] openvpn
2014-12-11 04:12:09
archlinux
archlinux
openvpn: denial of service
2014-12-02 00:00:00
suse
suse
Security update for OpenVPN (important)
2014-12-09 01:04:46
Security update for openvpn (important)
2014-12-23 20:04:48
Security update for openvpn (important)
2014-12-08 17:06:53
gentoo
gentoo
OpenVPN: Denial of service
2014-12-26 00:00:00
debian
debian
[SECURITY] [DSA 3084-1] openvpn security update
2014-12-01 20:27:43
[SECURITY] [DLA 98-1] openvpn security update
2014-12-02 21:35:28
mageia
mageia
Updated openvpn package fixes CVE-2014-8104
2014-12-05 19:59:28
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
5.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.3%
Related for CVE-2014-8104