CVE-2005-2533

Properties

Published:
23.08.2005
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:L/AC:L/Au:NR/C:N/I:N/A:C/B:N) Approximated
    Product:
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN
    OpenVPN: OpenVPN

    Vulnerability description

    OpenVPN before 2.0.1, when running in"dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.

    References:

    MANDRAKE: http://www.mandriva.com/security/advisories?name=MDKSA-2005:145
    DEBIAN: http://www.debian.org/security/2005/dsa-851
    http://openvpn.net/changelog.html: http://openvpn.net/changelog.html
    SECUNIA: http://secunia.com/advisories/16463
    SECUNIA: http://secunia.com/advisories/17103