16 Aug 22:20
OpenVPN 2.0.1 released -- note security fixes
James Yonan <jim <at> yonan.net>
2005-08-16 20:20:06 GMT
2005-08-16 20:20:06 GMT
This release fixes a number of bugs in OpenVPN 2.0, including several bugs in the server which might be used to mount a DoS attack. Download: http://openvpn.net/download.html Change Log since 2.0: 2005.08.16 -- Version 2.0.1 * Security Fix -- DoS attack against server when run with "verb 0" and without "tls-auth". If a client connection to the server fails certificate verification, the OpenSSL error queue is not properly flushed, which can result in another unrelated client instance on the server seeing the error and responding to it, resulting in disconnection of the unrelated client (CAN-2005-2531). * Security Fix -- DoS attack against server by authenticated client. This bug presents a potential DoS attack vector against the server which can only be initiated by a connected and authenticated client. If the client sends a packet which fails to decrypt on the server, the OpenSSL error queue is not properly flushed, which can result in another unrelated client instance on the server seeing the error and responding to it, resulting in disconnection of the unrelated client (CAN-2005-2532). * Security Fix -- DoS attack against server by authenticated client. A malicious client in "dev tap" ethernet bridging mode could theoretically flood the server with packets appearing to come from hundreds of thousands of different MAC addresses, causing the OpenVPN process to deplete system virtual memory as it expands its internal(Continue reading)
RSS Feed