CVE-2017-7478
N/A
N/A
Summary
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OpenVPN Technologies, Inc | openvpn | 2.3.12 and newer | affected |
Weaknesses
- CWE-617: CWE-617
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/41993/
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
- http://www.securitytracker.com/id/1038473
- http://www.securityfocus.com/bid/98444
References
- https://www.exploit-db.com/exploits/41993/
- https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
- http://www.securitytracker.com/id/1038473
- http://www.securityfocus.com/bid/98444
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.