- Home
- CVEs with nessus.description==This update for openvpn fixes the following security issues :
- CVE-2017-12166: OpenVPN was vulnerable to a buffer
overflow vulnerability when key-method 1 is used,
possibly resulting in code execution. (bsc#1060877).
- CVE-2016-6329: Now show which ciphers should no longer
be used in openvpn --show-ciphers to avoid the SWEET32
attack (bsc#995374)
- CVE-2017-7478: OpenVPN was vulnerable to unauthenticated
Denial of Service of server via received large control
packet. (bsc#1038709)
- CVE-2017-7479: OpenVPN was vulnerable to reachable
assertion when packet-ID counter rolls over resulting
into Denial of Service of server by authenticated
attacker. (bsc#1038711)
- Some other hardening fixes have also been applied
(bsc#1038713)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top