MDKSA-2005:206-1
- Package name
- openvpn
- Date
- 2005-12-09
- Advisory ID
- MDKSA-2005:206-1
- Affected versions
- 2006.0 i586 , 2006.0 x86_64
Problem description
Two Denial of Service vulnerabilities exist in OpenVPN. The first
allows a malicious or compromised server to execute arbitrary code
on the client (CVE-2005-3393). The second DoS can occur if when in
TCP server mode, OpenVPN received an error on accept(2) and the
resulting exception handler causes a segfault (CVE-2005-3409).
The updated packages have been patched to correct these problems.
Update:
Packages are now available for Mandriva Linux 2006.
Updated packages
2006.0 i586
7804df61685a36064119b813dca83172 2006.0/RPMS/openvpn-2.0.1-2.1.20060mdk.i586.rpm 2feb66835d37f31735746824027a2ef8 2006.0/SRPMS/openvpn-2.0.1-2.1.20060mdk.src.rpm
2006.0 x86_64
9d8cd19c6723507a275649c5d070970d x86_64/2006.0/RPMS/openvpn-2.0.1-2.1.20060mdk.x86_64.rpm 2feb66835d37f31735746824027a2ef8 x86_64/2006.0/SRPMS/openvpn-2.0.1-2.1.20060mdk.src.rpm