CVE-2005-3409

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service segmentation fault by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler...

CVE-2005-3409

OpenVPN 2.x is affected by CVE-2005-3409 (pre-2.0.4). The issue is a denial-of-service caused by forcing accept() to return an error, which leads to a NULL pointer dereference in the exception handler, potentially crashing the service. The vulnerability affects OpenVPN servers operating in TCP mo...

CVE-2005-3409

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service segmentation fault by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler...

CVE-2005-3409

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service segmentation fault by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler...

CVE-2005-3393

Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...

CVE-2005-3393

Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...

DEBIAN-CVE-2005-3393

Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...

CVE-2005-3393

Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...

CVE-2005-3393

Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...

CVE-2005-3393

OpenVPN 2.0.x is affected by CVE-2005-3393 due to a format-string vulnerability in the foreign_option function (options.c) used when pushing dhcp-option. This could allow a remote attacker to execute arbitrary code on non-Windows OpenVPN clients during TLS negotiation if the server/client configu...

CVE-2005-3393

Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...

OpenVPN VPN client format string vulnerability

Format string bug on parsing DHCP options obtained from server...

OpenVPN[v2.0.x]: foreign_option() formart string vulnerability.

[email protected]: OpenVPNv2.0.x: foreignoption format string vulnerability. 1. BACKGROUND OpenVPN is a robust and highly configurable VPN Virtual Private Network daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal...

openvpn -- potential denial-of-service on servers in TCP mode

James Yonan reports: If the TCP server accept call returns an error status, the resulting exception handler may attempt to indirect through a NULL pointer, causing a segfault. Affects all OpenVPN 2.0 versions...

openvpn -- arbitrary code execution on client through malicious or compromised server

James Yonan reports: A format string vulnerability in the foreignoption function in options.c could potentially allow a malicious or compromised server to execute arbitrary code on the client. Only non-Windows clients are affected. The vulnerability only exists if a the client's TLS negotiation...

Debian DSA-851-1 : openvpn - programming errors

Several security related problems have been discovered in openvpn, a Virtual Private Network daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2531 Wrong processing of failed certificate authentication when running with 'verb 0' and without TL...

[SECURITY] [DSA 851-1] New openvpn packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 851-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 851-1] New openvpn packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 851-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2005 http://www.debian.org/security/faq -...

DSA-851-1 openvpn - denial of service

Bulletin has no description...

Security fix for the ALT Linux 9 package openvpn version 2.0.2-alt1

Aug. 25, 2005 Nikolay A. Fetisov 2.0.2-alt1 - New version 2.0.2: -- Security fix for several DoS attacks: CAN-2005-2531; CAN-2005-2532; CAN-2005-2533; CAN-2005-2534. -- Several minor bug fixes and improvements, see ChangeLog for details - Run in chroot by default...