Lucene search
MitreCVE-2005-3409HistoryNov 02, 2005 - 12:02 a.m.
CVE-2005-3409
2005-11-0200:02:00
mitre
web.nvd.nist.gov
38
openvpn
denial of service
vulnerability
tcp mode
cve-2005-3409
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0.093
Percentile
94.7%
OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
Affected configurations
Node
openvpnopenvpnMatch2.0
ORopenvpnopenvpnMatch2.0.1_rc1
ORopenvpnopenvpnMatch2.0.1_rc2
ORopenvpnopenvpnMatch2.0.1_rc3
ORopenvpnopenvpnMatch2.0.1_rc4
ORopenvpnopenvpnMatch2.0.1_rc5
ORopenvpnopenvpnMatch2.0.1_rc6
ORopenvpnopenvpnMatch2.0.1_rc7
ORopenvpnopenvpnMatch2.0.2_rc1
ORopenvpnopenvpnMatch2.0.3_rc1
ORopenvpnopenvpnMatch2.0_beta1
ORopenvpnopenvpnMatch2.0_beta2
ORopenvpnopenvpnMatch2.0_beta3
ORopenvpnopenvpnMatch2.0_beta4
ORopenvpnopenvpnMatch2.0_beta5
ORopenvpnopenvpnMatch2.0_beta6
ORopenvpnopenvpnMatch2.0_beta7
ORopenvpnopenvpnMatch2.0_beta8
ORopenvpnopenvpnMatch2.0_beta9
ORopenvpnopenvpnMatch2.0_beta10
ORopenvpnopenvpnMatch2.0_beta11
ORopenvpnopenvpnMatch2.0_beta12
ORopenvpnopenvpnMatch2.0_beta13
ORopenvpnopenvpnMatch2.0_beta15
ORopenvpnopenvpnMatch2.0_beta16
ORopenvpnopenvpnMatch2.0_beta17
ORopenvpnopenvpnMatch2.0_beta18
ORopenvpnopenvpnMatch2.0_beta19
ORopenvpnopenvpnMatch2.0_beta20
ORopenvpnopenvpnMatch2.0_beta28
ORopenvpnopenvpnMatch2.0_rc1
ORopenvpnopenvpnMatch2.0_rc2
ORopenvpnopenvpnMatch2.0_rc3
ORopenvpnopenvpnMatch2.0_rc4
ORopenvpnopenvpnMatch2.0_rc5
ORopenvpnopenvpnMatch2.0_rc6
ORopenvpnopenvpnMatch2.0_rc7
ORopenvpnopenvpnMatch2.0_rc8
ORopenvpnopenvpnMatch2.0_rc9
ORopenvpnopenvpnMatch2.0_rc10
ORopenvpnopenvpnMatch2.0_rc11
ORopenvpnopenvpnMatch2.0_rc12
ORopenvpnopenvpnMatch2.0_rc13
ORopenvpnopenvpnMatch2.0_rc14
ORopenvpnopenvpnMatch2.0_rc15
ORopenvpnopenvpnMatch2.0_rc16
ORopenvpnopenvpnMatch2.0_rc17
ORopenvpnopenvpnMatch2.0_rc18
ORopenvpnopenvpnMatch2.0_rc19
ORopenvpnopenvpnMatch2.0_rc20
ORopenvpnopenvpnMatch2.0_rc21
ORopenvpnopenvpnMatch2.0_test1
ORopenvpnopenvpnMatch2.0_test2
ORopenvpnopenvpnMatch2.0_test3
ORopenvpnopenvpnMatch2.0_test5
ORopenvpnopenvpnMatch2.0_test6
ORopenvpnopenvpnMatch2.0_test7
ORopenvpnopenvpnMatch2.0_test8
ORopenvpnopenvpnMatch2.0_test9
ORopenvpnopenvpnMatch2.0_test10
ORopenvpnopenvpnMatch2.0_test11
ORopenvpnopenvpnMatch2.0_test12
ORopenvpnopenvpnMatch2.0_test14
ORopenvpnopenvpnMatch2.0_test15
ORopenvpnopenvpnMatch2.0_test16
ORopenvpnopenvpnMatch2.0_test17
ORopenvpnopenvpnMatch2.0_test18
ORopenvpnopenvpnMatch2.0_test19
ORopenvpnopenvpnMatch2.0_test20
ORopenvpnopenvpnMatch2.0_test21
ORopenvpnopenvpnMatch2.0_test22
ORopenvpnopenvpnMatch2.0_test23
ORopenvpnopenvpnMatch2.0_test24
ORopenvpnopenvpnMatch2.0_test26
ORopenvpnopenvpnMatch2.0_test27
ORopenvpnopenvpnMatch2.0_test29
ORopenvpnopenvpn_access_serverMatch2.0.1
ORopenvpnopenvpn_access_serverMatch2.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| openvpn | openvpn | 2.0 | cpe:2.3:a:openvpn:openvpn:2.0:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc1 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc2 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc3 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc4 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc5 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc6 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.1_rc7 | cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.2_rc1 | cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:*:*:*:*:*:*:* |
| openvpn | openvpn | 2.0.3_rc1 | cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:*:*:*:*:*:*:* |
References
openvpn.net/changelog.html
secunia.com/advisories/17376
secunia.com/advisories/17447
secunia.com/advisories/17452
secunia.com/advisories/17480
www.debian.org/security/2005/dsa-885
www.gentoo.org/security/en/glsa/glsa-200511-07.xml
www.novell.com/linux/security/advisories/2005_25_sr.html
www.osvdb.org/20416
www.securityfocus.com/archive/1/415487
www.securityfocus.com/bid/15270
Related
freebsd
freebsd
openvpn -- potential denial-of-service on servers in TCP mode
2005-11-01 00:00:00
nessus
nessus
FreeBSD : openvpn -- potential denial-of-service on servers in TCP mode (3de49331-0dec-422c-93e5-e4719e9869c5)
2006-05-13 00:00:00
OpenVPN Server 2.0.x < 2.0.4 Denial of Service Vulnerability
2019-09-16 00:00:00
Debian DSA-885-1 : openvpn - several vulnerabilities
2006-10-14 00:00:00
ubuntucve
ubuntucve
CVE-2005-3409
2005-11-02 00:00:00
openvas
openvas
FreeBSD Ports: openvpn
2008-09-04 00:00:00
FreeBSD Ports: openvpn
2008-09-04 00:00:00
Debian Security Advisory DSA 885-1 (openvpn)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2005-3409
2005-11-02 00:02:00
nvd
nvd
CVE-2005-3409
2005-11-02 00:02:00
cvelist
cvelist
CVE-2005-3409
2005-11-02 00:00:00
debian
debian
[SECURITY] [DSA 885-1] New OpenVPN packages fix several vulnerabilities
2005-11-07 09:57:19
[SECURITY] [DSA 885-1] New OpenVPN packages fix several vulnerabilities
2005-11-07 09:57:19
osv
osv
openvpn - several
2005-11-07 00:00:00
openvpn-2.5.3-1.2 on GA media
2024-06-15 00:00:00
gentoo
gentoo
OpenVPN: Multiple vulnerabilities
2005-11-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openvpn version 2.0.6-alt1
2006-04-06 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0.093
Percentile
94.7%
Related for CVE-2005-3409