[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2017-852 ---- openvpn

ID: oval:org.secpod.oval:def:1600724Date: (C)2017-06-28   (M)2023-04-17
Class: PATCHFamily: unix




OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension. OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker

Platform:
Amazon Linux AMI
Product:
openvpn
Reference:
ALAS-2017-852
CVE-2017-7508
CVE-2017-7522
CVE-2017-7521
CVE-2017-7520
CVE    4
CVE-2017-7521
CVE-2017-7520
CVE-2017-7522
CVE-2017-7508
...
CPE    2
cpe:/o:amazon:linux
cpe:/a:openvpn:openvpn

© SecPod Technologies