5

CVE-2005-2531

OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenvpnOpenvpn Version2.0
OpenvpnOpenvpn Version2.0.1_rc1
OpenvpnOpenvpn Version2.0.1_rc2
OpenvpnOpenvpn Version2.0.1_rc3
OpenvpnOpenvpn Version2.0.1_rc4
OpenvpnOpenvpn Version2.0.1_rc5
OpenvpnOpenvpn Version2.0.1_rc6
OpenvpnOpenvpn Version2.0.1_rc7
OpenvpnOpenvpn Version2.0_beta1
OpenvpnOpenvpn Version2.0_beta2
OpenvpnOpenvpn Version2.0_beta3
OpenvpnOpenvpn Version2.0_beta4
OpenvpnOpenvpn Version2.0_beta5
OpenvpnOpenvpn Version2.0_beta6
OpenvpnOpenvpn Version2.0_beta7
OpenvpnOpenvpn Version2.0_beta8
OpenvpnOpenvpn Version2.0_beta9
OpenvpnOpenvpn Version2.0_beta10
OpenvpnOpenvpn Version2.0_beta11
OpenvpnOpenvpn Version2.0_beta12
OpenvpnOpenvpn Version2.0_beta13
OpenvpnOpenvpn Version2.0_beta15
OpenvpnOpenvpn Version2.0_beta16
OpenvpnOpenvpn Version2.0_beta17
OpenvpnOpenvpn Version2.0_beta18
OpenvpnOpenvpn Version2.0_beta19
OpenvpnOpenvpn Version2.0_beta20
OpenvpnOpenvpn Version2.0_beta28
OpenvpnOpenvpn Version2.0_rc1
OpenvpnOpenvpn Version2.0_rc2
OpenvpnOpenvpn Version2.0_rc3
OpenvpnOpenvpn Version2.0_rc4
OpenvpnOpenvpn Version2.0_rc5
OpenvpnOpenvpn Version2.0_rc6
OpenvpnOpenvpn Version2.0_rc7
OpenvpnOpenvpn Version2.0_rc8
OpenvpnOpenvpn Version2.0_rc9
OpenvpnOpenvpn Version2.0_rc10
OpenvpnOpenvpn Version2.0_rc11
OpenvpnOpenvpn Version2.0_rc12
OpenvpnOpenvpn Version2.0_rc13
OpenvpnOpenvpn Version2.0_rc14
OpenvpnOpenvpn Version2.0_rc15
OpenvpnOpenvpn Version2.0_rc16
OpenvpnOpenvpn Version2.0_rc17
OpenvpnOpenvpn Version2.0_rc18
OpenvpnOpenvpn Version2.0_rc19
OpenvpnOpenvpn Version2.0_rc20
OpenvpnOpenvpn Version2.0_rc21
OpenvpnOpenvpn Version2.0_test1
OpenvpnOpenvpn Version2.0_test2
OpenvpnOpenvpn Version2.0_test3
OpenvpnOpenvpn Version2.0_test5
OpenvpnOpenvpn Version2.0_test6
OpenvpnOpenvpn Version2.0_test7
OpenvpnOpenvpn Version2.0_test8
OpenvpnOpenvpn Version2.0_test9
OpenvpnOpenvpn Version2.0_test10
OpenvpnOpenvpn Version2.0_test11
OpenvpnOpenvpn Version2.0_test12
OpenvpnOpenvpn Version2.0_test14
OpenvpnOpenvpn Version2.0_test15
OpenvpnOpenvpn Version2.0_test16
OpenvpnOpenvpn Version2.0_test17
OpenvpnOpenvpn Version2.0_test18
OpenvpnOpenvpn Version2.0_test19
OpenvpnOpenvpn Version2.0_test20
OpenvpnOpenvpn Version2.0_test21
OpenvpnOpenvpn Version2.0_test22
OpenvpnOpenvpn Version2.0_test23
OpenvpnOpenvpn Version2.0_test24
OpenvpnOpenvpn Version2.0_test26
OpenvpnOpenvpn Version2.0_test27
OpenvpnOpenvpn Version2.0_test29
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.41% 0.787
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P