FreeBSD : openvpn -- potential denial-of-service on servers in TCP mode (3de49331-0dec-422c-93e5-e4719e9869c5)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

James Yonan reports :

If the TCP server accept() call returns an error status, the resulting
exception handler may attempt to indirect through a NULL pointer,
causing a segfault. Affects all OpenVPN 2.0 versions.

See also :

http://openvpn.net/changelog.html
http://www.nessus.org/u?5af88561

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21416 (freebsd_pkg_3de493310dec422c93e5e4719e9869c5.nasl)

Bugtraq ID:

CVE ID: CVE-2005-3409

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now