FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openvpn -- denial of service: client certificate validation can disconnect unrelated clients

Affected packages
openvpn < 2.0.1

Details

VuXML ID a51ad838-2077-48b2-a136-e888a7db5f8d
Discovery 2005-08-03
Entry 2005-08-19

James Yonan reports:

DoS attack against server when run with "verb 0" and without "tls-auth". If a client connection to the server fails certificate verification, the OpenSSL error queue is not properly flushed, which can result in another unrelated client instance on the server seeing the error and responding to it, resulting in disconnection of the unrelated client.

References

CVE Name CVE-2005-2531
URL http://openvpn.net/changelog.html