FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openvpn -- denial of service: malicious authenticated "tap" client can deplete server virtual memory

Affected packages
openvpn < 2.0.1

Details

VuXML ID 1986449a-8b74-40fa-b7cc-0d8def8aad65
Discovery 2005-07-27
Entry 2005-08-19

James Yonan reports:

A malicious [authenticated] client in "dev tap" ethernet bridging mode could theoretically flood the server with packets appearing to come from hundreds of thousands of different MAC addresses, causing the OpenVPN process to deplete system virtual memory as it expands its internal routing table.

References

CVE Name CVE-2005-2533
URL http://openvpn.net/changelog.html