Nom du paquet
openvpn
Date
2005-11-08
Advisory ID
MDKSA-2005:206
Affected versions
MNF2.0 i586

Problem description

Two Denial of Service vulnerabilities exist in OpenVPN. The first
allows a malicious or compromised server to execute arbitrary code
on the client (CVE-2005-3393). The second DoS can occur if when in
TCP server mode, OpenVPN received an error on accept(2) and the
resulting exception handler causes a segfault (CVE-2005-3409).

The updated packages have been patched to correct these problems.

Updated packages

MNF2.0 i586

 6d05d03341ef7c99bd0c044ac14383c7  mnf/2.0/RPMS/openvpn-2.0.1-0.2.M20mdk.i586.rpm
 8882e7500e1fb8a255f5f50885042608  mnf/2.0/SRPMS/openvpn-2.0.1-0.2.M20mdk.src.rpm

References