Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an malicious user to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openvpn openvpn |
||
openvpn openvpn access server |
||
openvpn openvpn access server 2.12.1 |
||
openvpn openvpn access server 2.12.0 |
||
debian debian linux 12.0 |
||
fedoraproject fedora 39 |