vulnerability
FreeBSD: VID-04CC7BD2-3686-11E7-AA64-080027EF73EC (CVE-2017-7478): OpenVPN -- two remote denial-of-service vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | May 10, 2017 | May 11, 2017 | May 3, 2019 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
May 10, 2017
Added
May 11, 2017
Modified
May 3, 2019
Description
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
Solutions
freebsd-upgrade-package-openvpnfreebsd-upgrade-package-openvpn-mbedtlsfreebsd-upgrade-package-openvpn-polarsslfreebsd-upgrade-package-openvpn23freebsd-upgrade-package-openvpn23-polarssl
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.