FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenVPN -- Buffer overflow in PAM authentication and DoS through port sharing

Affected packages
openvpn < 2.3.11
openvpn-polarssl < 2.3.11

Details

VuXML ID 0dc8be9e-19af-11e6-8de0-080027ef73ec
Discovery 2016-03-03
Entry 2016-05-14

Samuli Seppänen reports:

OpenVPN 2.3.11 [...] fixes two vulnerabilities: a port-share bug with DoS potential and a buffer overflow by user supplied data when using pam authentication.[...]

References

URL https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.11
URL https://sourceforge.net/p/openvpn/mailman/message/35076507/