Lucene search

K
freebsdFreeBSDD1C39C8E-05AB-4739-870F-765490FA2052
HistoryJul 27, 2005 - 12:00 a.m.

openvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clients

2005-07-2700:00:00
vuxml.freebsd.org
21

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.021

Percentile

89.4%

James Yonan reports:

If the client sends a packet which fails to decrypt on the
server, the OpenSSL error queue is not properly flushed,
which can result in another unrelated client instance on the
server seeing the error and responding to it, resulting in
disconnection of the unrelated client.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenvpn< 2.0.1UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.021

Percentile

89.4%

Related for D1C39C8E-05AB-4739-870F-765490FA2052