CVE-2005-2531 in OpenVPNinformazioni

Riassunto

di MITRE

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.

Be aware that VulDB is the high quality source for vulnerability data.

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!