NVD Vulnerability Detail

CVE-2005-2531

Summary	OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.
Publication Date	Aug. 24, 2005, 1 p.m.
Registration Date	Jan. 29, 2021, 5:58 p.m.
Last Update	Sept. 6, 2008, 5:52 a.m.

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:openvpn:openvpn:2.0:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta4:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta8:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta9:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta10:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta11:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta12:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta13:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta15:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta16:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta17:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta18:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta19:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta20:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta28:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc4:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc8:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc9:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc10:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc11:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc12:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc13:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc14:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc15:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc16:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc17:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc18:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc19:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc20:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc21:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test8:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test9:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test10:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test11:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test12:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test14:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test15:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test16:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test17:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test18:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test19:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test20:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test21:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test22:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test23:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test24:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test26:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test27:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test29:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://openvpn.net/changelog.html	CONFIRM
2	http://secunia.com/advisories/16463	SECUNIA
3	http://secunia.com/advisories/17103	SECUNIA
4	http://www.debian.org/security/2005/dsa-851	DEBIAN
5	http://www.mandriva.com/security/advisories?name=MDKSA-2005:145	MANDRIVA	Patch Vendor Advisory
6	http://www.novell.com/linux/security/advisories/2005_20_sr.html	SUSE
7	http://www.securityfocus.com/bid/14605	BID

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:openvpn:openvpn:2.0:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta4:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta8:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta9:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta10:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta11:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta12:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta13:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta15:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta16:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta17:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta18:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta19:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta20:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_beta28:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc4:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc8:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc9:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc10:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc11:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc12:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc13:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc14:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc15:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc16:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc17:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc18:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc19:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc20:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_rc21:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test1:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test2:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test3:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test5:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test6:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test7:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test8:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test9:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test10:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test11:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test12:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test14:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test15:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test16:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test17:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test18:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test19:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test20:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test21:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test22:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test23:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test24:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test26:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test27:::::::*
cpe:2.3:a:openvpn:openvpn:2.0_test29:::::::*