Download
| Alert*
oval:org.secpod.oval:def:1800141
CVE-2017-7478: OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Fixed In Version openvpn 2.3.15, openvpn 2.4.2 oval:org.secpod.oval:def:703593 openvpn: virtual private network software Several security issues were fixed in OpenVPN. oval:org.secpod.oval:def:40644 The host is installed with OpenVPN versions before 2.3.15 or 2.4.x before 2.4.2 and is prone to Denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vector. Successful exploitation could allow attackers to cause denial of service. oval:org.secpod.oval:def:89044503 This update for openvpn fixes the following issues: - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in P_CONTROL - CVE-2017-7479: openvpn: Denial of Service due to Exhaustion o ... oval:org.secpod.oval:def:89044841 This update for openvpn fixes the following security issues: - CVE-2017-12166: OpenVPN was vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. - CVE-2016-6329: Now show which ciphers should no longer be used in openvpn --show-ciphers to avoi ... oval:org.secpod.oval:def:112403 OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compres ... oval:org.secpod.oval:def:112367 OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compres ... oval:org.secpod.oval:def:602962 Several issues were discovered in openvpn, a virtual private network application. CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash. CVE-2017-75 ... oval:org.secpod.oval:def:703672 openvpn: virtual private network software Several security issues were fixed in OpenVPN. oval:org.secpod.oval:def:53086 Several issues were discovered in openvpn, a virtual private network application. CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash. CVE-2017-75 ... oval:org.secpod.oval:def:51830 openvpn: virtual private network software Several security issues were fixed in OpenVPN. |