Mandriva Linux Security Advisory : openvpn (MDVSA-2014:246)
Medium Nessus Plugin ID 79991
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated openvpn packages fix security vulnerability :
Dragana Damjanovic discovered that OpenVPN incorrectly handled certain control channel packets. An authenticated attacker could use this issue to cause an OpenVPN server to crash, resulting in a denial of service (CVE-2014-8104).
The openvpn packages has been updated to the 2.3.2 version and patched to correct this issue.
SolutionUpdate the affected lib64openvpn-devel and / or openvpn packages.