FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
04cc7bd2-3686-11e7-aa64-080027ef73ec	OpenVPN -- two remote denial-of-service vulnerabilities Samuli SeppÃ¤nen reports: OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslabs (funded by OSTIF) and Cryptography Engineering (funded by Private Internet Access) between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities. Fixes to them have been backported to v2.3.15. An authenticated client can do the 'three way handshake' (P_HARD_RESET, P_HARD_RESET, P_CONTROL), where the P_CONTROL packet is the first that is allowed to carry payload. If that payload is too big, the OpenVPN server process will stop running due to an ASSERT() exception. That is also the reason why servers using tls-auth/tls-crypt are protected against this attack - the P_CONTROL packet is only accepted if it contains the session ID we specified, with a valid HMAC (challenge-response). (CVE-2017-7478) An authenticated client can cause the server's the packet-id counter to roll over, which would lead the server process to hit an ASSERT() and stop running. To make the server hit the ASSERT(), the client must first cause the server to send it 2^32 packets (at least 196 GB). Discovery 2017-05-10 Entry 2017-05-11 openvpn < 2.3.15 >= 2.4.0 lt 2.4.2 openvpn23 < 2.3.15 openvpn-mbedtls >= 2.4.0 lt 2.4.2 openvpn-polarssl < 2.3.15 openvpn23-polarssl < 2.3.15 https://openvpn.net/index.php/open-source/downloads.html CVE-2017-7478 CVE-2017-7479 https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits https://ostif.org/?p=870&preview=true https://www.privateinternetaccess.com/blog/2017/05/openvpn-2-4-2-fixes-critical-issues-discovered-openvpn-audit-reports/

VuXML ID

Description

04cc7bd2-3686-11e7-aa64-080027ef73ec

OpenVPN -- two remote denial-of-service vulnerabilities

Samuli SeppÃ¤nen reports:

OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslabs (funded by OSTIF) and Cryptography Engineering (funded by Private Internet Access) between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities. Fixes to them have been backported to v2.3.15.

An authenticated client can do the 'three way handshake' (P_HARD_RESET, P_HARD_RESET, P_CONTROL), where the P_CONTROL packet is the first that is allowed to carry payload. If that payload is too big, the OpenVPN server process will stop running due to an ASSERT() exception. That is also the reason why servers using tls-auth/tls-crypt are protected against this attack - the P_CONTROL packet is only accepted if it contains the session ID we specified, with a valid HMAC (challenge-response). (CVE-2017-7478)

An authenticated client can cause the server's the packet-id counter to roll over, which would lead the server process to hit an ASSERT() and stop running. To make the server hit the ASSERT(), the client must first cause the server to send it 2^32 packets (at least 196 GB).

Discovery 2017-05-10
Entry 2017-05-11
openvpn

< 2.3.15

>= 2.4.0 lt 2.4.2

openvpn23

< 2.3.15

openvpn-mbedtls

>= 2.4.0 lt 2.4.2

openvpn-polarssl

< 2.3.15

openvpn23-polarssl

< 2.3.15

https://openvpn.net/index.php/open-source/downloads.html
CVE-2017-7478
CVE-2017-7479
https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
https://ostif.org/?p=870&preview=true
https://www.privateinternetaccess.com/blog/2017/05/openvpn-2-4-2-fixes-critical-issues-discovered-openvpn-audit-reports/