FreeBSD : OpenVPN -- Buffer overflow in PAM authentication and DoS through port sharing (0dc8be9e-19af-11e6-8de0-080027ef73ec)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Samuli Seppanen reports :

OpenVPN 2.3.11 [...] fixes two vulnerabilities: a port-share bug with
DoS potential and a buffer overflow by user-supplied data when using
pam authentication.[...]

See also :

https://sourceforge.net/p/openvpn/mailman/message/35076507/
http://www.nessus.org/u?2f61c29d
http://www.nessus.org/u?5b8ed3ff

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 91145 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now