CVE-2017-7479
6.5MEDIUMOpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
Publicado: 5/15/2017Actualizado: 4/20/2025
Descripción
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
Análisis IAImpulsado por IA
Productos Afectados
openvpnopenvpn
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.1
Referencias
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory