CVE-2017-7478

Published: May 15, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

Vendor	Product	Versions
OpenVPN Technologies, Inc	openvpn	affected `2.3.12 and newer`

Weaknesses (CWE)

CWE-617

References

41993

exploit

x_refsource_EXPLOIT-DB

https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

x_refsource_CONFIRM

1038473

vdb-entry

x_refsource_SECTRACK

98444

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-7478

Description

Affected Products

Weaknesses (CWE)

References