Debian Bug report logs -
#337334
CVE-2005-3409: DoS through null pointer deference in exception handling
Reported by: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 3 Nov 2005 23:33:15 UTC
Severity: important
Tags: security
Fixed in version openvpn/2.0.5-1
Done: Alberto Gonzalez Iniesta <agi@inittab.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Alberto Gonzalez Iniesta <agi@inittab.org>
:
Bug#337334
; Package openvpn
.
(full text, mbox, link).
Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>
:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Alberto Gonzalez Iniesta <agi@inittab.org>
.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: openvpn
Severity: important
Tags: security
Hi,
openvpn 2.0.4 fixes another security problem:
* Security fix -- Potential DoS vulnerability on the
server in TCP mode. If the TCP server accept() call
returns an error status, the resulting exception handler
may attempt to indirect through a NULL pointer, causing
a segfault. Affects all OpenVPN 2.0 versions.
CVE-2005-3409
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-686
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Reply sent to Alberto Gonzalez Iniesta <agi@inittab.org>
:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Moritz Muehlenhoff <jmm@inutil.org>
:
Bug acknowledged by developer.
(full text, mbox, link).
Message #10 received at 337334-close@bugs.debian.org (full text, mbox, reply):
Source: openvpn
Source-Version: 2.0.5-1
We believe that the bug you reported is fixed in the latest version of
openvpn, which is due to be installed in the Debian FTP archive:
openvpn_2.0.5-1.diff.gz
to pool/main/o/openvpn/openvpn_2.0.5-1.diff.gz
openvpn_2.0.5-1.dsc
to pool/main/o/openvpn/openvpn_2.0.5-1.dsc
openvpn_2.0.5-1_i386.deb
to pool/main/o/openvpn/openvpn_2.0.5-1_i386.deb
openvpn_2.0.5.orig.tar.gz
to pool/main/o/openvpn/openvpn_2.0.5.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 337334@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alberto Gonzalez Iniesta <agi@inittab.org> (supplier of updated openvpn package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 7 Nov 2005 10:13:55 +0100
Source: openvpn
Binary: openvpn
Architecture: source i386
Version: 2.0.5-1
Distribution: unstable
Urgency: high
Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>
Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org>
Description:
openvpn - Virtual Private Network daemon
Closes: 336751 337334
Changes:
openvpn (2.0.5-1) unstable; urgency=high
.
* New upstream release. Urgency high due to security issues.
- DoS vulnerability on the server in TCP mode.
(CVE-2005-3409) (Closes: #337334)
- Format string vulnerability in the foreign_option
function in options.c could potentially allow a malicious
or compromised server to execute arbitrary code on the
client. (CVE-2005-3393) (Closes: #336751)
Files:
04f23b07dcce1188a10c0232746f7ec4 623 net optional openvpn_2.0.5-1.dsc
4bd7a42991c93db23842a0992debe53b 662647 net optional openvpn_2.0.5.orig.tar.gz
3e0467bc6ce587a7a69000b97e418fb9 58027 net optional openvpn_2.0.5-1.diff.gz
2503099ce556ad0be7eb17cfdd580c35 320368 net optional openvpn_2.0.5-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDbyFCxRSvjkukAcMRAp+4AKC2Y1ozf7jzCiUrTHB+myyssklN+ACgqdw9
+e7R2/9Ib7HDIW8MCQQgIto=
=lLRy
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Mon, 25 Jun 2007 04:26:13 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:37:56 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.