14 matches found
SUSE: Security Advisory (SUSE-SU-2017:1718-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1622-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : openvpn (openSUSE-2017-717) (SWEET32)
This update for openvpn fixes the following issues : - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers bsc995374 - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in PCONTROL bsc1038709 - CVE-2017-7479: openvpn: Denial of Servi...
SUSE SLED12 / SLES12 Security Update : openvpn (SUSE-SU-2017:1622-1) (SWEET32)
This update for openvpn fixes the following issues : - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers bsc995374 - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in PCONTROL bsc1038709 - CVE-2017-7479: openvpn: Denial of Servi...
OpenVPN P_CONTROL Denial of Service (CVE-2017-7478)
A denial-of-service vulnerability exists in OpenVPN. This vulnerability is due to an assertion in OpenVPN server that can be reached during the processing of a malicious packet. A remote, unauthenticated attacker can exploit this vulnerability to cause the OpenVPN server program to terminate,...
Updated openvpn packages fix security vulnerability
It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service server or client crash CVE-2017-7478. It was discovered that OpenVPN improperly triggered an assert when packe...
Fedora Update for openvpn FEDORA-2017-f426acf49d
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : openvpn (2017-f426acf49d)
Security fix for two remote DoS issues CVE-2017-7478, CVE-2017-7479 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2017-7478
CVE-2017-7478 affects OpenVPN 2.3.12 and later: an unauthenticated attacker can trigger a denial-of-service by sending an oversized P_CONTROL payload, causing the server to terminate. The issue is fixed in OpenVPN 2.3.15 and 2.4.2. mitigations include tls-auth/tls-crypt protection; advisories ind...
Fedora Update for openvpn FEDORA-2017-0d0f18140a
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 9 package openvpn version 2.4.2-alt1
May 14, 2017 Nikolay A. Fetisov 2.4.2-alt1 - New version - Security fixes: + CVE-2017-7478 Don't assert out on receiving too-large control packets + CVE-2017-7479 Drop packets instead of assert out if packet id rolls over...
[ASA-201705-16] openvpn: denial of service
Arch Linux Security Advisory ASA-201705-16 ========================================== Severity: High Date : 2017-05-13 CVE-ID : CVE-2017-7478 CVE-2017-7479 Package : openvpn Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-271 Summary ======= The package openvpn...
FreeBSD : OpenVPN -- two remote denial-of-service vulnerabilities (04cc7bd2-3686-11e7-aa64-080027ef73ec)
Samuli Seppanen reports : OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslabs funded by OSTIF and Cryptography Engineering funded by Private Internet Access between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities...
CVE-2017-7478
creationtimestamp| type| source ---|---|--- 2017-05-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41993...