OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Openvpn
  • Openvpn Access Server
  • Openvpn

Configuration 1 [-]

OR cpe:2.3:a:openvpn:openvpn:2.0:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta2:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta3:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta4:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta5:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta6:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta7:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta8:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta9:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta10:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta11:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta12:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta13:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta15:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta16:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta17:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta18:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta19:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta20:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_beta28:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc2:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc3:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc4:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc5:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc6:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc7:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc8:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc9:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc10:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc11:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc12:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc13:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc14:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc15:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc16:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc17:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc18:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc19:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc20:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_rc21:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test2:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test3:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test5:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test6:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test7:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test8:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test9:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test10:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test11:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test12:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test14:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test15:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test16:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test17:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test18:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test19:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test20:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test21:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test22:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test23:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test24:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test26:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test27:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn:2.0_test29:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn_access_server:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn_access_server:2.0.2:*:*:*:*:*:*:*
References
Link Resource
http://openvpn.net/changelog.html
http://secunia.com/advisories/17376 Patch Vendor Advisory
http://secunia.com/advisories/17447
http://secunia.com/advisories/17452
http://secunia.com/advisories/17480
http://www.debian.org/security/2005/dsa-885
http://www.gentoo.org/security/en/glsa/glsa-200511-07.xml
http://www.novell.com/linux/security/advisories/2005_25_sr.html
http://www.osvdb.org/20416
http://www.securityfocus.com/archive/1/415487
http://www.securityfocus.com/bid/15270
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-11-02T00:00:00

Updated: 2018-10-19T14:57:01

Reserved: 2005-11-01T00:00:00

Link: CVE-2005-3409

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2005-11-02T00:02:00.000

Modified: 2020-05-12T14:21:18.907

Link: CVE-2005-3409

JSON object: View

cve-icon Redhat Information

No data.

CWE