Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:MISC:OPENVPN-IPV6-DOS
Severity	Minor
Recommended	Yes
Recommended Action	Drop
Category	APP
Keywords	Open Vpn Malformed TCP Header in IPv6 Packet Denial of Service
Release Date	2018/04/02
Update Number	3049
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Open Vpn Malformed TCP Header in IPv6 Packet Denial of Service

This signature detects attempts to exploit a known vulnerability in OpenVPN. Successful exploitation would cause an OpenVPN client or server program to terminate, resulting in a denial-of-service conditions.

Extended Description

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.

Affected Products

Openvpn openvpn 2.3.16
Openvpn openvpn 2.4.0
Openvpn openvpn 2.4.1
Openvpn openvpn 2.4.2

References

BugTraq: 99230
CVE: CVE-2017-7508
URL: https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/
URL: https://community.openvpn.net/openvpn/wiki/vulnerabilitiesfixedinopenvpn243

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: Open Vpn Malformed TCP Header in IPv6 Packet Denial of Service

Extended Description

Affected Products

References