18 matches found
SUSE: Security Advisory (SUSE-SU-2017:1718-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1622-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : openvpn (openSUSE-2017-717) (SWEET32)
This update for openvpn fixes the following issues : - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers bsc995374 - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in PCONTROL bsc1038709 - CVE-2017-7479: openvpn: Denial of Servi...
Debian DSA-3900-1 : openvpn - security update
Several issues were discovered in openvpn, a virtual private network application. - CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash. -...
[SECURITY] [DSA 3900-1] openvpn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3900-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 27, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3900-1] openvpn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3900-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 27, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3900-1 (openvpn - security update)
Several issues were discovered in openvpn, a virtual private network application. CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash...
Debian: Security Advisory (DSA-3900-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3339-1 openvpn vulnerabilities
Karthikeyan Bhargavan and Gaëtan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warni...
SUSE SLED12 / SLES12 Security Update : openvpn (SUSE-SU-2017:1622-1) (SWEET32)
This update for openvpn fixes the following issues : - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers bsc995374 - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in PCONTROL bsc1038709 - CVE-2017-7479: openvpn: Denial of Servi...
Updated openvpn packages fix security vulnerability
It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service server or client crash CVE-2017-7478. It was discovered that OpenVPN improperly triggered an assert when packe...
Fedora Update for openvpn FEDORA-2017-f426acf49d
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : openvpn (2017-f426acf49d)
Security fix for two remote DoS issues CVE-2017-7478, CVE-2017-7479 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[SECURITY] [DLA 944-1] openvpn security update
Package : openvpn Version : 2.2.1-8+deb7u4 CVE ID : CVE-2017-7479 Denial of Service due to Exhaustion of Packet-ID counter An authenticated client can cause the servers the packet-id counter to roll over, which would lead the server process to hit an ASSERT and stop running. To make the server hi...
CVE-2017-7479
OpenVPN is affected: versions before 2.3.15 and before 2.4.2 fail to correctly handle rollover of the packet-ID counter, enabling an authenticated attacker to cause a denial-of-service via application crash. Root cause is improper handling of packet-ID rollover. The issue is mitigated by upgradin...
Fedora Update for openvpn FEDORA-2017-0d0f18140a
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 9 package openvpn version 2.4.2-alt1
May 14, 2017 Nikolay A. Fetisov 2.4.2-alt1 - New version - Security fixes: + CVE-2017-7478 Don't assert out on receiving too-large control packets + CVE-2017-7479 Drop packets instead of assert out if packet id rolls over...
[ASA-201705-16] openvpn: denial of service
Arch Linux Security Advisory ASA-201705-16 ========================================== Severity: High Date : 2017-05-13 CVE-ID : CVE-2017-7478 CVE-2017-7479 Package : openvpn Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-271 Summary ======= The package openvpn...