CVE-2005-2531

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...

CVE-2005-2533

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...

CVE-2005-2533

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...

CVE-2005-2533

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...

CVE-2005-2534

Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service server crash via simultaneous TCP connections from multiple clients that use the same client certificate...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...

CVE-2005-2532

OpenVPN before 2.0.1 is affected by CVE-2005-2532: the server’s handling of packets that cannot be decrypted can lead to disconnection of unrelated clients (a DoS). The root cause is improper flushing of the OpenSSL error queue when a decryption failure occurs, allowing the failure to spill over ...

CVE-2005-2533

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...

CVE-2005-2531

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...

CVE-2005-2534

Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service server crash via simultaneous TCP connections from multiple clients that use the same client certificate...

CVE-2005-2534

OpenVPN is affected by a DoS when --duplicate-cn is not enabled: simultaneous TCP connections from multiple clients using the same certificate can crash the server. This is described for OpenVPN

DEBIAN-CVE-2005-2533

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...

CVE-2005-2533

OpenVPN prior to 2.0.1 is affected when running in dev tap Ethernet bridging mode. A remote authenticated client can exhaust memory by sending a flood of packets with spoofed MAC addresses, causing a denial of service. Remediation: upgrade to OpenVPN 2.0.1 or newer as indicated by public advisori...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...

CVE-2005-2531

OpenVPN

CVE-2005-2531

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...

CVE-2005-2531

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...