CVE-2017-7479
6.5MEDIUMOpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
Published: 5/15/2017Updated: 4/20/2025
Description
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
AI AnalysisPowered by AI
Affected Products
openvpnopenvpn
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.1
References
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory