Forum Thread: OpenVPN Denial of Service and Buffer Overflow Two Vulnerabilities

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
OpenVPN Denial of Service and Buffer Overflow Two Vulnerabilities

Secunia OpenVPN Denial of Service and Buffer Overflow Two Vulnerabilities
Secunia Official 7th Apr, 2017 10:49
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Multiple vulnerabilities have been reported in OpenVPN, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

1) An error related to port-share can potentially be exploited to cause a crash.

2) A boundary error when handling credentials in the auth-pam can be exploited to cause a stack-based buffer overflow via an overly long user name or password.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 2.3.11.

No one has replied to this thread yet - be the first