CVE-2005-2531

EPSS 1.41%
Published 24.08.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Openvpn ≫ Openvpn Version2.0

Openvpn ≫ Openvpn Version2.0.1_rc1

Openvpn ≫ Openvpn Version2.0.1_rc2

Openvpn ≫ Openvpn Version2.0.1_rc3

Openvpn ≫ Openvpn Version2.0.1_rc4

Openvpn ≫ Openvpn Version2.0.1_rc5

Openvpn ≫ Openvpn Version2.0.1_rc6

Openvpn ≫ Openvpn Version2.0.1_rc7

Openvpn ≫ Openvpn Version2.0_beta1

Openvpn ≫ Openvpn Version2.0_beta2

Openvpn ≫ Openvpn Version2.0_beta3

Openvpn ≫ Openvpn Version2.0_beta4

Openvpn ≫ Openvpn Version2.0_beta5

Openvpn ≫ Openvpn Version2.0_beta6

Openvpn ≫ Openvpn Version2.0_beta7

Openvpn ≫ Openvpn Version2.0_beta8

Openvpn ≫ Openvpn Version2.0_beta9

Openvpn ≫ Openvpn Version2.0_beta10

Openvpn ≫ Openvpn Version2.0_beta11

Openvpn ≫ Openvpn Version2.0_beta12

Openvpn ≫ Openvpn Version2.0_beta13

Openvpn ≫ Openvpn Version2.0_beta15

Openvpn ≫ Openvpn Version2.0_beta16

Openvpn ≫ Openvpn Version2.0_beta17

Openvpn ≫ Openvpn Version2.0_beta18

Openvpn ≫ Openvpn Version2.0_beta19

Openvpn ≫ Openvpn Version2.0_beta20

Openvpn ≫ Openvpn Version2.0_beta28

Openvpn ≫ Openvpn Version2.0_rc1

Openvpn ≫ Openvpn Version2.0_rc2

Openvpn ≫ Openvpn Version2.0_rc3

Openvpn ≫ Openvpn Version2.0_rc4

Openvpn ≫ Openvpn Version2.0_rc5

Openvpn ≫ Openvpn Version2.0_rc6

Openvpn ≫ Openvpn Version2.0_rc7

Openvpn ≫ Openvpn Version2.0_rc8

Openvpn ≫ Openvpn Version2.0_rc9

Openvpn ≫ Openvpn Version2.0_rc10

Openvpn ≫ Openvpn Version2.0_rc11

Openvpn ≫ Openvpn Version2.0_rc12

Openvpn ≫ Openvpn Version2.0_rc13

Openvpn ≫ Openvpn Version2.0_rc14

Openvpn ≫ Openvpn Version2.0_rc15

Openvpn ≫ Openvpn Version2.0_rc16

Openvpn ≫ Openvpn Version2.0_rc17

Openvpn ≫ Openvpn Version2.0_rc18

Openvpn ≫ Openvpn Version2.0_rc19

Openvpn ≫ Openvpn Version2.0_rc20

Openvpn ≫ Openvpn Version2.0_rc21

Openvpn ≫ Openvpn Version2.0_test1

Openvpn ≫ Openvpn Version2.0_test2

Openvpn ≫ Openvpn Version2.0_test3

Openvpn ≫ Openvpn Version2.0_test5

Openvpn ≫ Openvpn Version2.0_test6

Openvpn ≫ Openvpn Version2.0_test7

Openvpn ≫ Openvpn Version2.0_test8

Openvpn ≫ Openvpn Version2.0_test9

Openvpn ≫ Openvpn Version2.0_test10

Openvpn ≫ Openvpn Version2.0_test11

Openvpn ≫ Openvpn Version2.0_test12

Openvpn ≫ Openvpn Version2.0_test14

Openvpn ≫ Openvpn Version2.0_test15

Openvpn ≫ Openvpn Version2.0_test16

Openvpn ≫ Openvpn Version2.0_test17

Openvpn ≫ Openvpn Version2.0_test18

Openvpn ≫ Openvpn Version2.0_test19

Openvpn ≫ Openvpn Version2.0_test20

Openvpn ≫ Openvpn Version2.0_test21

Openvpn ≫ Openvpn Version2.0_test22

Openvpn ≫ Openvpn Version2.0_test23

Openvpn ≫ Openvpn Version2.0_test24

Openvpn ≫ Openvpn Version2.0_test26

Openvpn ≫ Openvpn Version2.0_test27

Openvpn ≫ Openvpn Version2.0_test29

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.41%	0.787

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://www.novell.com/linux/security/advisories/2005_20_sr.html

http://openvpn.net/changelog.html

http://secunia.com/advisories/16463

http://secunia.com/advisories/17103

http://www.debian.org/security/2005/dsa-851

http://www.mandriva.com/security/advisories?name=MDKSA-2005:145

Patch

Vendor Advisory

http://www.securityfocus.com/bid/14605

https://nvd.nist.gov/vuln/detail/CVE-2005-2531

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2531

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2531

EUVD