説明
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
AI分析AIによる分析
影響を受ける製品
openvpnopenvpn
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.1
参照
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory