FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server

Affected packages
openvpn < 2.0.1

Details

VuXML ID 5ad3e437-e527-4514-b9ed-280b2ca1a8c9
Discovery 2005-08-03
Entry 2005-08-19

James Yonan reports:

If two or more client machines try to connect to the server at the same time via TCP, using the same client certificate, and when --duplicate-cn is not enabled on the server, a race condition can crash the server with "Assertion failed at mtcp.c:411"

[source]

References

CVE Name CVE-2005-2534
URL http://openvpn.net/changelog.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.