Vulnerabilities > CVE-2005-2533 - Unspecified vulnerability in Openvpn

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

openvpn

nessus

NVD

Published: 2005-08-24

Updated: 2008-09-05

Summary

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.

Vulnerable Configurations

Part	Description	Count
Application	Openvpn Openvpn Openvpn 2.0 Openvpn Openvpn 2.0.1_Rc1 Openvpn Openvpn 2.0.1_Rc2 Openvpn Openvpn 2.0.1_Rc3 Openvpn Openvpn 2.0.1_Rc4 Openvpn Openvpn 2.0.1_Rc5 Openvpn Openvpn 2.0.1_Rc6 Openvpn Openvpn 2.0.1_Rc7 Openvpn Openvpn 2.0_Beta1 Openvpn Openvpn 2.0_Beta2 Openvpn Openvpn 2.0_Beta3 Openvpn Openvpn 2.0_Beta4 Openvpn Openvpn 2.0_Beta5 Openvpn Openvpn 2.0_Beta6 Openvpn Openvpn 2.0_Beta7 Openvpn Openvpn 2.0_Beta8 Openvpn Openvpn 2.0_Beta9 Openvpn Openvpn 2.0_Beta10 Openvpn Openvpn 2.0_Beta11 Openvpn Openvpn 2.0_Beta12 Openvpn Openvpn 2.0_Beta13 Openvpn Openvpn 2.0_Beta15 Openvpn Openvpn 2.0_Beta16 Openvpn Openvpn 2.0_Beta17 Openvpn Openvpn 2.0_Beta18 Openvpn Openvpn 2.0_Beta19 Openvpn Openvpn 2.0_Beta20 Openvpn Openvpn 2.0_Beta28 Openvpn Openvpn 2.0_Rc1 Openvpn Openvpn 2.0_Rc2 Openvpn Openvpn 2.0_Rc3 Openvpn Openvpn 2.0_Rc4 Openvpn Openvpn 2.0_Rc5 Openvpn Openvpn 2.0_Rc6 Openvpn Openvpn 2.0_Rc7 Openvpn Openvpn 2.0_Rc8 Openvpn Openvpn 2.0_Rc9 Openvpn Openvpn 2.0_Rc10 Openvpn Openvpn 2.0_Rc11 Openvpn Openvpn 2.0_Rc12 Openvpn Openvpn 2.0_Rc13 Openvpn Openvpn 2.0_Rc14 Openvpn Openvpn 2.0_Rc15 Openvpn Openvpn 2.0_Rc16 Openvpn Openvpn 2.0_Rc17 Openvpn Openvpn 2.0_Rc18 Openvpn Openvpn 2.0_Rc19 Openvpn Openvpn 2.0_Rc20 Openvpn Openvpn 2.0_Rc21 Openvpn Openvpn 2.0_Test1 Openvpn Openvpn 2.0_Test2 Openvpn Openvpn 2.0_Test3 Openvpn Openvpn 2.0_Test5 Openvpn Openvpn 2.0_Test6 Openvpn Openvpn 2.0_Test7 Openvpn Openvpn 2.0_Test8 Openvpn Openvpn 2.0_Test9 Openvpn Openvpn 2.0_Test10 Openvpn Openvpn 2.0_Test11 Openvpn Openvpn 2.0_Test12 Openvpn Openvpn 2.0_Test14 Openvpn Openvpn 2.0_Test15 Openvpn Openvpn 2.0_Test16 Openvpn Openvpn 2.0_Test17 Openvpn Openvpn 2.0_Test18 Openvpn Openvpn 2.0_Test19 Openvpn Openvpn 2.0_Test20 Openvpn Openvpn 2.0_Test21 Openvpn Openvpn 2.0_Test22 Openvpn Openvpn 2.0_Test23 Openvpn Openvpn 2.0_Test24 Openvpn Openvpn 2.0_Test26 Openvpn Openvpn 2.0_Test27 Openvpn Openvpn 2.0_Test29	74

Nessus

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_1986449A8B7440FAB7CC0D8DEF8AAD65.NASL
description	James Yonan reports : A malicious [authenticated] client in
last seen	2020-06-01
modified	2020-06-02
plugin id	21391
published	2006-05-13
reporter	This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/21391
title	FreeBSD : openvpn -- denial of service: malicious authenticated 'tap' client can deplete server virtual memory (1986449a-8b74-40fa-b7cc-0d8def8aad65)

NASL family	Windows
NASL id	OPENVPN_2_0_1.NASL
description	According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.0.1. It is, therefore, affected by multiple vulnerabilities: - A denial of service (DoS) vulnerability exists in OpenVPN due to its OpenSSL error queue not being flushed properly. An unauthenticated, remote attacker can exploit this issue, by sending a large number of incorrect connection requests, to cause the application to stop responding (CVE-2005-2531) & (CVE-2005-2532). - OpenVPN is affected by a denial of service (DoS) vulnerability. An authenticated, remote attacker can exploit this issue, by sending a large of number of packets with spoofed MAC addresses, to cause the application to stop responding (CVE-2005-2533). - A denial of service (DoS) vulnerability exists in OpenVPN when --duplicate-cn is not enabled. An unauthenticated, remote attacker can exploit this issue, by issuing simultaneous tcp connections from multiple clients that use the same certificate, to cause the application to stop responding (CVE-2005-2534).
last seen	2020-06-01
modified	2020-06-02
plugin id	125261
published	2019-05-17
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125261
title	OpenVPN < 2.0.1 Multiple Vulnerabilities (Windows)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-851.NASL
description	Several security related problems have been discovered in openvpn, a Virtual Private Network daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2531 Wrong processing of failed certificate authentication when running with
last seen	2020-06-01
modified	2020-06-02
plugin id	19959
published	2005-10-11
reporter	This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/19959
title	Debian DSA-851-1 : openvpn - programming errors

Summary

Vulnerable Configurations

Nessus

References