FreeBSD : OpenVPN -- denial of service security vulnerability (23ab5c3e-79c3-11e4-8b1e-d050992ecde8)
Medium Nessus Plugin ID 79656
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe OpenVPN project reports :
In late November 2014 Dragana Damjanovic notified OpenVPN developers of a critical denial of service security vulnerability (CVE-2014-8104). The vulnerability allows an tls-authenticated client to crash the server by sending a too-short control channel packet to the server. In other words this vulnerability is denial of service only.
SolutionUpdate the affected packages.