vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-7479): OpenVPN vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:N/A:P)	May 10, 2017	May 11, 2017	Apr 25, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

May 10, 2017

Added

May 11, 2017

Modified

Apr 25, 2025

Description

It was discovered that OpenVPN improperly triggered an assert when
receiving an oversized control packet in some situations. A remote
attacker could use this to cause a denial of service (server or client
crash). (CVE-2017-7478)

It was discovered that OpenVPN improperly triggered an assert when packet
ids rolled over. An authenticated remote attacker could use this to cause a
denial of service (application crash). (CVE-2017-7479)

Solution

ubuntu-upgrade-openvpn

References

CVE-2017-7479
https://attackerkb.com/topics/CVE-2017-7479
DEBIAN-DLA-944-1
DEBIAN-DSA-3900
NVD-CVE-2017-7479
UBUNTU-USN-3284-1
UBUNTU-USN-3339-1
UBUNTU-USN-3339-2

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today