FreeBSD : openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server (5ad3e437-e527-4514-b9ed-280b2ca1a8c9)
Low Nessus Plugin ID 21433
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionJames Yonan reports :
If two or more client machines try to connect to the server at the same time via TCP, using the same client certificate, and when
--duplicate-cn is not enabled on the server, a race condition can crash the server with 'Assertion failed at mtcp.c:411'
SolutionUpdate the affected package.