BSA-2017-380

Security Advisory ID : BSA-2017-380 Component : OpenVPN Revision : 1.0: Interim OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extractx509extension. Affected Products Brocade is...

BSA-2017-381

Security Advisory ID : BSA-2017-381 Component : OpenVPN Revision : 1.0: Interim OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. Affected Products Brocade is investigatin...

Udp2raw-tunnel - A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket [Bypass UDP FireWalls]

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. Its Encrypted, Anti-Replay and Multiplexed.It also acts as a Connection Stabilizer. Support Platforms A Linux host including desktop Linux, Android...

Encrypted, Anti-Replay, Multiplexed Udp Tunnel: Udp2raw-tunnel

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. Its Encrpyted, Anti-Replay and Multiplexed. It also acts as a Connection Stabilizer. Features Send / Receive UDP Packet with fake-tcp/icmp headers...

USN-3339-2: OpenVPN vulnerability

USN-3339-1 fixed several issues in OpenVPN. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Guido Vranken discovered that OpenVPN incorrectly handled an HTTP proxy with NTLM authentication. A remote attacker could use this issue to cause OpenVPN...

QNAP QTS < 4.2.6 build 20170729, 4.3.x < 4.3.3 build 20170727 Multiple Vulnerabilities

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

Updated openvpn packages fix security vulnerabilities

It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known CVE-2017-7508. Some parts of the...

MGASA-2017-0224 Updated openvpn packages fix security vulnerabilities

It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known CVE-2017-7508. Some parts of the...

Fedora 26 : openvpn (2017-f8a114cd09)

Updates to the latest upstream OpenVPN 2.4.3, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. This update also re-enables automatic restart of OpenVPN on the next updates. For this update, the restart needs to be done manually. Note that Tenable Network Security ha...

Fedora 26 : openvpn (2017-89d98779ec)

This update brings in the latest OpenVPN v2.4.2 release. This release contains fixes for two authenticated remote DoS vulnerabilities CVE-2017-7478 and CVE-2017-7479. For more information see the upstream security announcement. This build also switches back to OpenSSL 1.0, using compat-openssl10...

Authentication flaw

Red Hat 3scale aka RH-3scale API Management Platform AMP before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512...

[BSA-116] Security Update for openvpn

Bernhard Schmidt uploaded new packages for openvpn which fixed the following security problems: CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application...

Fedora 24 : openvpn (2017-5596f2f94d)

Updates to the latest upstream OpenVPN 2.3.17, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

Fedora Update for openvpn FEDORA-2017-5596f2f94d

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 24 Update: openvpn-2.3.17-1.fc24

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

openSUSE Security Update : openvpn (openSUSE-2017-730)

This update for openvpn fixes the following issues : - Some parts of the certificate-parsing code did not always clear all allocated memory. This would have allowed clients to leak a few bytes of memory for each connection attempt, thereby facilitating a quite inefficient DoS attack on the server...

openSUSE Security Update : openvpn (openSUSE-2017-717) (SWEET32)

This update for openvpn fixes the following issues : - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers bsc995374 - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in PCONTROL bsc1038709 - CVE-2017-7479: openvpn: Denial of Servi...

SUSE-SU-2017:1718-1 Security update for openvpn-openssl1

This update for openvpn-openssl1 fixes the following issues: - Some parts of the certificate-parsing code did not always clear all allocated memory. This would have allowed clients to leak a few bytes of memory for each connection attempt, thereby facilitating a quite inefficient DoS attack on th...

Debian DSA-3900-1 : openvpn - security update

Several issues were discovered in openvpn, a virtual private network application. - CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash. -...

Amazon Linux AMI : openvpn (ALAS-2017-852)

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. CVE-2017-7508 OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an...