22 matches found
Slackware: Security Advisory (SSA:2014-344-04)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-41
Gentoo Linux Local Security Checks GLSA 201412-41 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
SUSE SLED12 / SLES12 Security Update : openvpn (SUSE-SU-2014:1694-1)
A remote denial of service attack against openvpn was fixed, where a authenticated client cloud stop the server by triggering a server-side ASSERT CVE-2014-8104, Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
Mandriva Linux Security Advisory : openvpn (MDVSA-2015:139)
Updated openvpn packages fix security vulnerability : Dragana Damjanovic discovered that OpenVPN incorrectly handled certain control channel packets. An authenticated attacker could use this issue to cause an OpenVPN server to crash, resulting in a denial of service CVE-2014-8104. %NASLMINLEVEL...
Security fix for the ALT Linux 9 package openvpn version 2.3.6-alt1
Jan. 15, 2015 Nikolay A. Fetisov 2.3.6-alt1 - New version 2.3.6 - CVE-2014-8104 Closes: 30529 - Adding pkcs11 support Closes: 30614 - Adding systemd service files Closes: 28071...
GLSA-201412-41 : OpenVPN: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201412-41 OpenVPN: Denial of Service OpenVPN does not properly handle control channel packets that are too small. Impact : A remote authenticated attacker could send a specially crafted control channel packet, possibly resulting i...
Fedora 20 : openvpn-2.3.6-1.fc20 / pkcs11-helper-1.11-3.fc20 (2014-16273)
Fix for CVE-2014-8104. https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e 732b Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Mandriva Linux Security Advisory : openvpn (MDVSA-2014:246)
Updated openvpn packages fix security vulnerability : Dragana Damjanovic discovered that OpenVPN incorrectly handled certain control channel packets. An authenticated attacker could use this issue to cause an OpenVPN server to crash, resulting in a denial of service CVE-2014-8104. The openvpn...
Amazon Linux AMI : openvpn (ALAS-2014-459)
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service server crash via a small control channel packet. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Fedora Update for pkcs11-helper FEDORA-2014-16234
Check the version of pkcs11-helper SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868584";...
Fedora Update for pkcs11-helper FEDORA-2014-16273
Check the version of pkcs11-helper SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868582";...
Medium: openvpn
Issue Overview: OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service server crash via a small control channel packet. Affected Packages: openvpn Issue Correction: Run yum update openvpn or yum update --advisory...
openSUSE Security Update : openvpn (openSUSE-SU-2014:1594-1)
openvpn was updated to fix a denial-of-service vulnerability where an authenticated client could stop the server by triggering a server-side ASSERT bnc907764,CVE-2014-8104, %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE: Security Advisory for openvpn (openSUSE-SU-2014:1594-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2014-0512 Updated openvpn package fixes CVE-2014-8104
Updated openvpn packages fix security vulnerability: Dragana Damjanovic discovered that OpenVPN incorrectly handled certain control channel packets. An authenticated attacker could use this issue to cause an OpenVPN server to crash, resulting in a denial of service CVE-2014-8104...
CVE-2014-8104
Summary: CVE-2014-8104 affects OpenVPN 2.x (various branches) and allows a remote authenticated attacker to cause a denial of service (server crash) by sending a small control channel packet. The root cause is improper handling of too-small control channel packets. Impact: denial of service with ...
Debian DSA-3084-1 : openvpn - security update
Dragana Damjanovic discovered that an authenticated client could crash an OpenVPN server by sending a control packet containing less than four bytes as payload. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
[SECURITY] [DLA 98-1] openvpn security update
Package : openvpn Version : 2.1.3-2+squeeze3 CVE ID : CVE-2014-8104 Dragana Damjanovic discovered that an authenticated client could crash an OpenVPN server by sending a control packet containing less than four bytes as payload. For the oldstable distribution squeeze, this problem has been fixed ...
[SECURITY] [DSA 3084-1] openvpn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3084-1 [email protected] http://www.debian.org/security/ Florian Weimer December 01, 2014 http://www.debian.org/security/faq -...
UBUNTU-CVE-2014-8104
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service server crash via a small control channel packet...