Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2005-3409

Published: 02/11/2005 Updated: 12/05/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Openvpn

Vulnerability Summary

OpenVPN 2.x prior to 2.0.4, when running in TCP mode, allows remote malicious users to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.

Vulnerable Product Search on Vulmon Subscribe to Product

openvpn openvpn 2.0.1_rc5

openvpn openvpn 2.0.1_rc6

openvpn openvpn 2.0.1_rc7

openvpn openvpn 2.0_beta12

openvpn openvpn 2.0_beta13

openvpn openvpn 2.0_beta20

openvpn openvpn 2.0_beta28

openvpn openvpn 2.0_rc1

openvpn openvpn 2.0_rc10

openvpn openvpn 2.0_rc17

openvpn openvpn 2.0_rc18

openvpn openvpn 2.0_rc5

openvpn openvpn 2.0_rc6

openvpn openvpn 2.0_test14

openvpn openvpn 2.0_test15

openvpn openvpn 2.0_test21

openvpn openvpn 2.0_test22

openvpn openvpn 2.0_test5

openvpn openvpn 2.0_test6

openvpn openvpn 2.0.1_rc1

openvpn openvpn 2.0.1_rc2

openvpn openvpn 2.0.3_rc1

openvpn openvpn 2.0_beta1

openvpn openvpn 2.0_beta17

openvpn openvpn 2.0_beta18

openvpn openvpn 2.0_beta5

openvpn openvpn 2.0_beta6

openvpn openvpn 2.0_rc13

openvpn openvpn 2.0_rc14

openvpn openvpn 2.0_rc20

openvpn openvpn 2.0_rc21

openvpn openvpn 2.0_rc9

openvpn openvpn 2.0_test1

openvpn openvpn 2.0_test10

openvpn openvpn 2.0_test18

openvpn openvpn 2.0_test19

openvpn openvpn 2.0_test26

openvpn openvpn 2.0_test27

openvpn openvpn 2.0_test9

openvpn openvpn 2.0.1_rc3

openvpn openvpn 2.0.1_rc4

openvpn openvpn 2.0_beta10

openvpn openvpn 2.0_beta11

openvpn openvpn 2.0_beta19

openvpn openvpn 2.0_beta2

openvpn openvpn 2.0_beta7

openvpn openvpn 2.0_beta8

openvpn openvpn 2.0_beta9

openvpn openvpn 2.0_rc15

openvpn openvpn 2.0_rc16

openvpn openvpn 2.0_rc3

openvpn openvpn 2.0_rc4

openvpn openvpn 2.0_test11

openvpn openvpn 2.0_test12

openvpn openvpn 2.0_test2

openvpn openvpn 2.0_test20

openvpn openvpn 2.0_test29

openvpn openvpn 2.0_test3

openvpn openvpn 2.0

openvpn openvpn access server 2.0.1

openvpn openvpn access server 2.0.2

openvpn openvpn 2.0.2_rc1

openvpn openvpn 2.0_beta15

openvpn openvpn 2.0_beta16

openvpn openvpn 2.0_beta3

openvpn openvpn 2.0_beta4

openvpn openvpn 2.0_rc11

openvpn openvpn 2.0_rc12

openvpn openvpn 2.0_rc19

openvpn openvpn 2.0_rc2

openvpn openvpn 2.0_rc7

openvpn openvpn 2.0_rc8

openvpn openvpn 2.0_test16

openvpn openvpn 2.0_test17

openvpn openvpn 2.0_test23

openvpn openvpn 2.0_test24

openvpn openvpn 2.0_test7

openvpn openvpn 2.0_test8

Vendor Advisories

Debian CVElist Bug Report Logs: openvpn: Format string vulnerability in config parsing code
Debian Bug report logs - #336751 openvpn: Format string vulnerability in config parsing code Package: openvpn; Maintainer for openvpn is Bernhard Schmidt <berni@debianorg>; Source for openvpn is src:openvpn (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 1 Nov 2005 09:18:02 UTC Se ...
Debian CVElist Bug Report Logs: CVE-2005-3409: DoS through null pointer deference in exception handling
Debian Bug report logs - #337334 CVE-2005-3409: DoS through null pointer deference in exception handling Package: openvpn; Maintainer for openvpn is Bernhard Schmidt <berni@debianorg>; Source for openvpn is src:openvpn (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 3 Nov 2005 23:3 ...
Debian Security Advisories: DSA-885-1 openvpn -- several vulnerabilities
Several vulnerabilities have been discovered in OpenVPN, a free virtual private network daemon The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3393 A format string vulnerability has been discovered that could allow arbitrary code to be executed on the client CVE-2005-3409 A NULL pointer de ...

References

NVD-CWE-Otherhttp://openvpn.net/changelog.htmlhttp://secunia.com/advisories/17376http://www.securityfocus.com/bid/15270http://www.debian.org/security/2005/dsa-885http://www.gentoo.org/security/en/glsa/glsa-200511-07.xmlhttp://secunia.com/advisories/17447http://secunia.com/advisories/17452http://www.novell.com/linux/security/advisories/2005_25_sr.htmlhttp://secunia.com/advisories/17480http://www.osvdb.org/20416http://www.securityfocus.com/archive/1/415487https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336751https://www.debian.org/security/./dsa-885
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook