CVE-2005-3409

Currently unrated

Key Information:

Vendor: Openvpn
Status: Openvpn; Openvpn Access Server
Vendor: CVE Published:; 2 November 2005

Summary

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.

References

http://secunia.com/advisories/17447

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/17480

third-party-advisoryx_refsource_SECUNIA

http://openvpn.net/changelog.html

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 2, 2005
Vulnerability Reserved
Nov 1, 2005