CVE-2014-8104

Опубликовано: 03 дек. 2014

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.

Ссылки

http://advisories.mageia.org/MGASA-2014-0512.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html
Third Party Advisory
http://www.debian.org/security/2014/dsa-3084
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:139
Broken Link
http://www.ubuntu.com/usn/USN-2430-1
Third Party Advisory
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
Vendor Advisory
http://advisories.mageia.org/MGASA-2014-0512.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html
Third Party Advisory
http://www.debian.org/security/2014/dsa-3084
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:139
Broken Link
http://www.ubuntu.com/usn/USN-2430-1
Third Party Advisory
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.6_rc1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc3:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc4:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc5:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc6:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc7:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc8:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc9:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc10:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc11:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc12:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc13:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc14:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc15:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc16:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc17:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc18:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc19:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc20:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_rc21:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test3:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test4:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test5:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test6:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test7:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test8:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test9:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test10:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test11:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test12:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test14:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test15:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test16:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test17:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test18:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test19:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test20:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test21:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test22:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test23:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test24:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test25:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test26:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test27:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test28:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.0_test29:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-10:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-11:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-12:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-13:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-14:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-15:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-16:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-3:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-4:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-5:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-6:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-7:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-8:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:beta-9:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_10:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_11:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_12:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_13:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_14:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_15:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_16:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_17:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_18:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_19:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_20:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_21:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_22:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_3:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_4:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_5:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_6:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_7:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_8:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1:rc_9:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2:beta1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2:beta2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2:beta3:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2:beta4:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2:beta5:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3:alpha1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3:alpha2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3:alpha3:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3:beta1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3:rc1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3:rc2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn_access_server:2.0.10:*:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01465

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

CVE-2014-8104

ubuntu

больше 10 лет назад

OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.

CVE-2014-8104

debian

больше 10 лет назад

OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before ...

GHSA-p2qj-cw7j-f6wr

github

около 3 лет назад

OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.

BDU:2015-09796

fstec

больше 10 лет назад

Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

EPSS

Процентиль: 80%

0.01465

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-399