CVE-2017-7479
6.5MEDIUMOpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
Опубликовано: 5/15/2017Обновлено: 4/20/2025
Описание
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
ИИ-АнализНа базе ИИ
Затронутые продукты
openvpnopenvpn
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.1
Ссылки
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory