Vulnerabilities > Openvpn > Openvpn > 2.0.1.rc3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-03 | CVE-2014-8104 | Resource Management Errors vulnerability in multiple products OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. | 6.8 |
2006-05-05 | CVE-2006-2229 | Denial-Of-Service vulnerability in Openvpn and Openvpn Access Server OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. | 4.0 |
2005-11-02 | CVE-2005-3409 | Remote Denial Of Service vulnerability in Openvpn and Openvpn Access Server OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler. | 5.0 |
2005-08-24 | CVE-2005-2534 | Denial Of Service vulnerability in OpenVPN Same Client Certificate Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate. | 2.6 |
2005-08-24 | CVE-2005-2533 | Unspecified vulnerability in Openvpn OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses. | 2.1 |
2005-08-24 | CVE-2005-2532 | Denial Of Service vulnerability in OpenVPN Packet Decryption Failure OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted. | 5.0 |
2005-08-24 | CVE-2005-2531 | Denial Of Service vulnerability in OpenVPN Failed Authentication OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts. | 5.0 |