描述
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
AI分析AI驱动
受影响产品
openvpnopenvpn
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.0
openvpnopenvpn
2.4.1
参考资料
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory
- http://www.debian.org/security/2017/dsa-3900
- http://www.securityfocus.com/bid/98443
- http://www.securitytracker.com/id/1038473
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditsVendor Advisory