Vulnerabilities > CVE-2005-2533 - Unspecified vulnerability in Openvpn
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
Vulnerable Configurations
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_1986449A8B7440FAB7CC0D8DEF8AAD65.NASL description James Yonan reports : A malicious [authenticated] client in last seen 2020-06-01 modified 2020-06-02 plugin id 21391 published 2006-05-13 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21391 title FreeBSD : openvpn -- denial of service: malicious authenticated 'tap' client can deplete server virtual memory (1986449a-8b74-40fa-b7cc-0d8def8aad65) NASL family Windows NASL id OPENVPN_2_0_1.NASL description According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.0.1. It is, therefore, affected by multiple vulnerabilities: - A denial of service (DoS) vulnerability exists in OpenVPN due to its OpenSSL error queue not being flushed properly. An unauthenticated, remote attacker can exploit this issue, by sending a large number of incorrect connection requests, to cause the application to stop responding (CVE-2005-2531) & (CVE-2005-2532). - OpenVPN is affected by a denial of service (DoS) vulnerability. An authenticated, remote attacker can exploit this issue, by sending a large of number of packets with spoofed MAC addresses, to cause the application to stop responding (CVE-2005-2533). - A denial of service (DoS) vulnerability exists in OpenVPN when --duplicate-cn is not enabled. An unauthenticated, remote attacker can exploit this issue, by issuing simultaneous tcp connections from multiple clients that use the same certificate, to cause the application to stop responding (CVE-2005-2534). last seen 2020-06-01 modified 2020-06-02 plugin id 125261 published 2019-05-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125261 title OpenVPN < 2.0.1 Multiple Vulnerabilities (Windows) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-851.NASL description Several security related problems have been discovered in openvpn, a Virtual Private Network daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2531 Wrong processing of failed certificate authentication when running with last seen 2020-06-01 modified 2020-06-02 plugin id 19959 published 2005-10-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19959 title Debian DSA-851-1 : openvpn - programming errors