Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31474
HistoryDec 02, 2014 - 12:00 a.m.

[USN-2430-1] OpenVPN vulnerability

2014-12-0200:00:00
vulners.com
19
JSON

==========================================================================
Ubuntu Security Notice USN-2430-1
December 02, 2014

openvpn vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary:

OpenVPN could be made to crash if it received specially crafted network
traffic.

Software Description:

  • openvpn: virtual private network software

Details:

Dragana Damjanovic discovered that OpenVPN incorrectly handled certain
control channel packets. An authenticated attacker could use this issue to
cause an OpenVPN server to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
openvpn 2.3.2-9ubuntu1.1

Ubuntu 14.04 LTS:
openvpn 2.3.2-7ubuntu3.1

Ubuntu 12.04 LTS:
openvpn 2.2.1-8ubuntu1.4

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2430-1
CVE-2014-8104

Package Information:
https://launchpad.net/ubuntu/+source/openvpn/2.3.2-9ubuntu1.1
https://launchpad.net/ubuntu/+source/openvpn/2.3.2-7ubuntu3.1
https://launchpad.net/ubuntu/+source/openvpn/2.2.1-8ubuntu1.4

– ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Related

nessus 16
prion 1
fedora 5
openvas 18
amazon 1
osv 1
cve 1
debiancve 1
ubuntucve 1
freebsd 1
securityvulns 1
altlinux 1
ubuntu 1
slackware 1
suse 3
archlinux 1
debian 2
mageia 1
gentoo 1
nessus
nessus
FreeBSD : OpenVPN -- denial of service security vulnerability (23ab5c3e-79c3-11e4-8b1e-d050992ecde8)
2014-12-02 00:00:00
Debian DSA-3084-1 : openvpn - security update
2014-12-03 00:00:00
Ubuntu 14.04 LTS : OpenVPN vulnerability (USN-2430-1)
2014-12-03 00:00:00
prion
prion
Code injection
2014-12-03 18:59:00
fedora
fedora
[SECURITY] Fedora 20 Update: openvpn-2.3.6-1.fc20
2014-12-13 09:43:06
[SECURITY] Fedora 21 Update: openvpn-2.3.6-1.fc21
2014-12-12 04:14:16
[SECURITY] Fedora 20 Update: pkcs11-helper-1.11-3.fc20
2014-12-13 09:43:05
openvas
openvas
Fedora Update for pkcs11-helper FEDORA-2014-16273
2014-12-14 00:00:00
Debian: Security Advisory (DSA-3084-1)
2014-11-30 00:00:00
Debian: Security Advisory (DLA-98-1)
2023-03-08 00:00:00
amazon
amazon
Medium: openvpn
2014-12-10 13:25:00
osv
osv
openvpn - security update
2014-12-01 00:00:00
cve
cve
CVE-2014-8104
2014-12-03 18:59:00
debiancve
debiancve
CVE-2014-8104
2014-12-03 18:59:00
ubuntucve
ubuntucve
CVE-2014-8104
2014-12-01 00:00:00
freebsd
freebsd
OpenVPN -- denial of service security vulnerability
2014-12-01 00:00:00
securityvulns
securityvulns
OpenVPN DoS
2014-12-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openvpn version 2.3.6-alt1
2015-01-15 00:00:00
ubuntu
ubuntu
OpenVPN vulnerability
2014-12-02 00:00:00
slackware
slackware
[slackware-security] openvpn
2014-12-11 04:12:09
suse
suse
Security update for OpenVPN (important)
2014-12-09 01:04:46
Security update for openvpn (important)
2014-12-08 17:06:53
Security update for openvpn (important)
2014-12-23 20:04:48
archlinux
archlinux
openvpn: denial of service
2014-12-02 00:00:00
debian
debian
[SECURITY] [DLA 98-1] openvpn security update
2014-12-02 21:35:28
[SECURITY] [DSA 3084-1] openvpn security update
2014-12-01 20:27:43
mageia
mageia
Updated openvpn package fixes CVE-2014-8104
2014-12-05 19:59:28
gentoo
gentoo
OpenVPN: Denial of service
2014-12-26 00:00:00
JSON
Related for SECURITYVULNS:DOC:31474
nessus16prion1fedora5openvas18amazon1osv1cve1debiancve1ubuntucve1freebsd1securityvulns1altlinux1ubuntu1slackware1suse3archlinux1debian2mageia1gentoo1