CVE-2017-7479

Summary

OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.

Affected Software

VendorProductVersion RangeStatus
OpenVPN Technologies, Incopenvpn< 2.3.15affected
OpenVPN Technologies, Incopenvpn< 2.4.2affected

Weaknesses

  • CWE-617: CWE-617

ADP Enrichment

CVE Program Container

Additional References

References