Lucene search
K

10 matches found

OSV
OSV
added 2023/11/16 1:9 p.m.4 views

USN-6484-1 openvpn vulnerabilities

It was discovered that OpenVPN incorrectly handled the --fragment option in certain configurations. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. CVE-2023-46849 It was discovered that OpenVPN incorrectly handled certain memory...

9.8CVSS7.5AI score0.01982EPSS
Exploits0References3
OSV
OSV
added 2023/11/15 12:0 a.m.1 views

UBUNTU-CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

7.5CVSS7.3AI score0.01982EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/11/14 1:51 a.m.4 views

SUSE CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

5.9CVSS6.8AI score0.01141EPSS
Exploits0References3
OSV
OSV
added 2023/11/11 1:15 a.m.29 views

CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

7.5CVSS9.1AI score0.01982EPSS
Exploits0References5
OSV
OSV
added 2023/11/11 1:15 a.m.1 views

DEBIAN-CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

7.5CVSS8.2AI score0.01141EPSS
Exploits0References1
OSV
OSV
added 2023/11/11 1:15 a.m.2 views

ALPINE-CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

7.5CVSS6.8AI score0.01141EPSS
Exploits0References1
Prion
Prion
added 2023/11/11 1:15 a.m.18 views

Denial of service

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

5CVSS6.8AI score0.01982EPSS
Exploits0References5Affected Software4
AlpineLinux
AlpineLinux
added 2023/11/11 12:5 a.m.37 views

CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

7.5CVSS8.3AI score0.01141EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/08/29 12:0 a.m.46 views

openvpn -- 2.6.0...2.6.6 --fragment option division by zero crash, and TLS data leak

The OpenVPN community project team reports: CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore "--fragment" configuration in some circumstances, leading to a division by zero when "--fragment" is used. On platforms where division by zero is fatal, this will cause an OpenV...

9.8CVSS6.7AI score0.01982EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/10/19 2:48 p.m.4 views

kernel: Integer overflow in ip6_find_1stfragopt() causes infinite loop

An integer overflow vulnerability in ip6find1stfragopt function was found. A local attacker that has privileges of CAPNETRAW to open raw socket can cause an infinite loop inside the ip6find1stfragopt function...

5.5CVSS6.8AI score0.00457EPSS
Exploits0References4
Rows per page
Query Builder