fkie_cve-2005-2531
Vulnerability from fkie_nvd
Published
2005-08-24 04:00
Modified
2024-11-20 23:59
Severity ?
Summary
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6457C946-123B-4B85-9253-D284A7A16A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0ECEAF-401A-434E-9B0A-1A234BAEFC4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "E751FA0E-0DF4-4F81-912A-1A132640246D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "43F61AC6-EDF6-4818-BA51-3EAA299680B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:*",
"matchCriteriaId": "D32984D8-9631-407B-834E-303B9405A425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "CB44A872-3FE2-47E9-BA84-B6E1015E1973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:*",
"matchCriteriaId": "F020080D-7181-400D-988E-6844D1653464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:*",
"matchCriteriaId": "86D08038-9815-4222-9CD3-1211FE5954A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDEBEDA-437A-4942-8A71-7B25DD558BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB8A78E-DAB9-4A72-BC54-58230E1E9B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D74ED1-34C5-4F95-A941-83664AFFF2ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "0747C1A9-C404-4FBD-AA8F-9DBB70FEB4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta5:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3B1AD4-9EA0-4D86-90E1-3366FBC5629D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta6:*:*:*:*:*:*:*",
"matchCriteriaId": "8E483BD0-CAB9-4DA0-AAA4-A934B8318FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta7:*:*:*:*:*:*:*",
"matchCriteriaId": "6F04FAB1-A558-4F93-9FBF-043DE259A813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta8:*:*:*:*:*:*:*",
"matchCriteriaId": "A189A733-3130-41B4-94DD-E99E294D0FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta9:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEE5695-DC49-445D-864A-4739E16DF762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta10:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBF146F-2CFA-4F14-BFBC-E01B58F9F72B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D263CA-8B2C-4B66-8990-6224BAF52A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta12:*:*:*:*:*:*:*",
"matchCriteriaId": "825C9FCE-AD76-4E32-8FEC-EEFA0662BC04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta13:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7519FA-831A-41D7-AFC3-B9457E6DFB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta15:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB79AFD-493F-41F1-9EC1-8BCC0D28A914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta16:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8F091B-194A-4FC5-87F4-A76CB490F3F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta17:*:*:*:*:*:*:*",
"matchCriteriaId": "11716B49-A920-4A1B-BEA5-4105213B9731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta18:*:*:*:*:*:*:*",
"matchCriteriaId": "756A7AF5-E502-4EDC-9693-4041C993E3BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta19:*:*:*:*:*:*:*",
"matchCriteriaId": "9885BC3E-1854-4561-9906-FFAEECA5B6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta20:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B7759F-F228-436D-BC86-7317B0109C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_beta28:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB9BD19-1BF9-42D0-9E43-7D95EE010347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0A6E23-6456-4305-A7DA-8CA1D506D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "D985B9F0-5B4F-4120-8ECF-506C5F6179FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7E6096-58BF-47F1-982B-27A9ED735AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc4:*:*:*:*:*:*:*",
"matchCriteriaId": "62362541-FE20-47ED-9E03-94216A3D43CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BD7019-BBA5-4D08-85C8-571D2EC03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1D56A4-A03C-445C-993B-1AA12024D4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc7:*:*:*:*:*:*:*",
"matchCriteriaId": "F563B1FD-FC1F-4304-8141-A1188A190835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc8:*:*:*:*:*:*:*",
"matchCriteriaId": "4269ED1A-3031-4572-B134-62C6E533D176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc9:*:*:*:*:*:*:*",
"matchCriteriaId": "140999A7-E9BB-4459-B3F8-48DF8F5DFE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc10:*:*:*:*:*:*:*",
"matchCriteriaId": "41CD75B0-24D0-40BA-A4FB-925BD5414298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc11:*:*:*:*:*:*:*",
"matchCriteriaId": "DED8F3C5-8E43-4B07-8224-38BF4774F4CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc12:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC88614-E782-447B-B854-955498FAAA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc13:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C1B8EE-3C12-452F-986E-6FD8A230685A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc14:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AC6851-F63E-47D7-BDEF-3BFF39E94D9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc15:*:*:*:*:*:*:*",
"matchCriteriaId": "685F5555-793D-4FAA-8CF4-578490CFAC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc16:*:*:*:*:*:*:*",
"matchCriteriaId": "E688CF0C-134B-49E2-AEB3-45ECACB8B5FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc17:*:*:*:*:*:*:*",
"matchCriteriaId": "1D385327-D1FF-4A22-A0C0-0C5AA53590C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc18:*:*:*:*:*:*:*",
"matchCriteriaId": "51329755-1DBF-40E1-960C-E924CDC4B22C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc19:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE65AC5-C218-456F-86FB-1C8BEC3C4598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc20:*:*:*:*:*:*:*",
"matchCriteriaId": "1412133F-3B44-43B6-A4FF-FF80E7B564E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_rc21:*:*:*:*:*:*:*",
"matchCriteriaId": "B55EE355-28A1-4955-9ADD-A8E02376C9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test1:*:*:*:*:*:*:*",
"matchCriteriaId": "E942C13E-6B54-465F-8026-ED49BD7EA2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test2:*:*:*:*:*:*:*",
"matchCriteriaId": "AADF30CF-AD36-45EB-AF50-EB0533B20B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD078F82-361C-4B38-86E8-85E129F41A36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9831C92-7717-4650-8689-3C41B773C5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test6:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3521E7-572E-4ADD-AAF6-F1AE505B4BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test7:*:*:*:*:*:*:*",
"matchCriteriaId": "F73290B2-384B-4B0F-8763-EF4D5D7C39FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test8:*:*:*:*:*:*:*",
"matchCriteriaId": "4728B3CD-5B54-4B0B-8967-DE7D9E1474F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test9:*:*:*:*:*:*:*",
"matchCriteriaId": "F353B495-D69A-4831-9E5B-F15F8F749C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test10:*:*:*:*:*:*:*",
"matchCriteriaId": "16647409-3ADD-4E86-A053-4A7B8365700E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test11:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5CA9F6-68FE-4412-8CD5-F85E970249F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test12:*:*:*:*:*:*:*",
"matchCriteriaId": "74A74354-1EAB-4A4F-A79C-C04E9BCDF594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test14:*:*:*:*:*:*:*",
"matchCriteriaId": "03A016A3-CAA9-4FCB-B909-F4163CE1E19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test15:*:*:*:*:*:*:*",
"matchCriteriaId": "82A53B7C-8E9D-4DD6-8B00-628F7796A365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test16:*:*:*:*:*:*:*",
"matchCriteriaId": "3D5AADA5-05DA-4660-9636-A3B737916A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test17:*:*:*:*:*:*:*",
"matchCriteriaId": "2778FEDE-063B-4454-9FA7-F526334CF9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test18:*:*:*:*:*:*:*",
"matchCriteriaId": "989D471D-3F81-4018-A124-7FBEB3F4AB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test19:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EA97AE-B2DD-40F8-81E1-467E895CE736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test20:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C82A6A-4548-4508-B337-1061E57D78AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test21:*:*:*:*:*:*:*",
"matchCriteriaId": "36A972BC-6956-4195-933C-F3694BFEFB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test22:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EF5187-C008-4927-B5CB-A491768E9822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test23:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A39ECE-7C8D-4BB8-A408-08EA0879F03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test24:*:*:*:*:*:*:*",
"matchCriteriaId": "6C67474C-3274-4F62-AF98-6953F9744522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test26:*:*:*:*:*:*:*",
"matchCriteriaId": "D799CAF5-BFC3-4A80-8AE2-D292B7F9D9CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test27:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3B905-FCD7-4136-A94C-76A95994CD85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0_test29:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE172A1-D9A5-4FF7-B316-4E0BD639B35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenVPN before 2.0.1, when running with \"verb 0\" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts."
}
],
"id": "CVE-2005-2531",
"lastModified": "2024-11-20T23:59:45.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openvpn.net/changelog.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/16463"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17103"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2005/dsa-851"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:145"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_20_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openvpn.net/changelog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/16463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_20_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14605"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.