Description

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.

Remediation

References

CVE-2005-3409

Related Vulnerabilities

GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23821)

WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.4)

WordPress Plugin YITH WooCommerce Subscription Security Bypass (1.3.4)

WordPress Plugin Product Addons & Fields for WooCommerce Security Bypass (23.9)

WordPress Plugin Livemesh SiteOrigin Widgets Security Bypass (2.5.1)

Severity

Medium

Classification

CVE-2005-3409

Tags

Missing Update Known Vulnerabilities