CVE-2005-2531 in OpenVPNthông tin

Tóm tắt

Bởi MITRE

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.

Be aware that VulDB is the high quality source for vulnerability data.

Nguồn

Do you want to use VulDB in your project?

Use the official API to access entries easily!