Vulnerability Details CVE-2014-8104
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 79.9%
CVSS Severity
CVSS v2 Score 6.8
References
- http://advisories.mageia.org/MGASA-2014-0512.html
- http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html
- http://www.debian.org/security/2014/dsa-3084
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:139
- http://www.ubuntu.com/usn/USN-2430-1
- https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
- http://advisories.mageia.org/MGASA-2014-0512.html
- http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html
- http://www.debian.org/security/2014/dsa-3084
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:139
- http://www.ubuntu.com/usn/USN-2430-1
- https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
Products affected by CVE-2014-8104
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc1
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc2
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc3
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc4
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc5
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc6
-
cpe:2.3:a:openvpn:openvpn:2.0.1_rc7
-
cpe:2.3:a:openvpn:openvpn:2.0.2_rc1
-
cpe:2.3:a:openvpn:openvpn:2.0.3_rc1
-
cpe:2.3:a:openvpn:openvpn:2.0.4
-
cpe:2.3:a:openvpn:openvpn:2.0.6_rc1
-
cpe:2.3:a:openvpn:openvpn:2.0.9
-
cpe:2.3:a:openvpn:openvpn:2.0_rc1
-
cpe:2.3:a:openvpn:openvpn:2.0_rc10
-
cpe:2.3:a:openvpn:openvpn:2.0_rc11
-
cpe:2.3:a:openvpn:openvpn:2.0_rc12
-
cpe:2.3:a:openvpn:openvpn:2.0_rc13
-
cpe:2.3:a:openvpn:openvpn:2.0_rc14
-
cpe:2.3:a:openvpn:openvpn:2.0_rc15
-
cpe:2.3:a:openvpn:openvpn:2.0_rc16
-
cpe:2.3:a:openvpn:openvpn:2.0_rc17
-
cpe:2.3:a:openvpn:openvpn:2.0_rc18
-
cpe:2.3:a:openvpn:openvpn:2.0_rc19
-
cpe:2.3:a:openvpn:openvpn:2.0_rc2
-
cpe:2.3:a:openvpn:openvpn:2.0_rc20
-
cpe:2.3:a:openvpn:openvpn:2.0_rc21
-
cpe:2.3:a:openvpn:openvpn:2.0_rc3
-
cpe:2.3:a:openvpn:openvpn:2.0_rc4
-
cpe:2.3:a:openvpn:openvpn:2.0_rc5
-
cpe:2.3:a:openvpn:openvpn:2.0_rc6
-
cpe:2.3:a:openvpn:openvpn:2.0_rc7
-
cpe:2.3:a:openvpn:openvpn:2.0_rc8
-
cpe:2.3:a:openvpn:openvpn:2.0_rc9
-
cpe:2.3:a:openvpn:openvpn:2.0_test1
-
cpe:2.3:a:openvpn:openvpn:2.0_test10
-
cpe:2.3:a:openvpn:openvpn:2.0_test11
-
cpe:2.3:a:openvpn:openvpn:2.0_test12
-
cpe:2.3:a:openvpn:openvpn:2.0_test14
-
cpe:2.3:a:openvpn:openvpn:2.0_test15
-
cpe:2.3:a:openvpn:openvpn:2.0_test16
-
cpe:2.3:a:openvpn:openvpn:2.0_test17
-
cpe:2.3:a:openvpn:openvpn:2.0_test18
-
cpe:2.3:a:openvpn:openvpn:2.0_test19
-
cpe:2.3:a:openvpn:openvpn:2.0_test2
-
cpe:2.3:a:openvpn:openvpn:2.0_test20
-
cpe:2.3:a:openvpn:openvpn:2.0_test21
-
cpe:2.3:a:openvpn:openvpn:2.0_test22
-
cpe:2.3:a:openvpn:openvpn:2.0_test23
-
cpe:2.3:a:openvpn:openvpn:2.0_test24
-
cpe:2.3:a:openvpn:openvpn:2.0_test25
-
cpe:2.3:a:openvpn:openvpn:2.0_test26
-
cpe:2.3:a:openvpn:openvpn:2.0_test27
-
cpe:2.3:a:openvpn:openvpn:2.0_test28
-
cpe:2.3:a:openvpn:openvpn:2.0_test29
-
cpe:2.3:a:openvpn:openvpn:2.0_test3
-
cpe:2.3:a:openvpn:openvpn:2.0_test4
-
cpe:2.3:a:openvpn:openvpn:2.0_test5
-
cpe:2.3:a:openvpn:openvpn:2.0_test6
-
cpe:2.3:a:openvpn:openvpn:2.0_test7
-
cpe:2.3:a:openvpn:openvpn:2.0_test8
-
cpe:2.3:a:openvpn:openvpn:2.0_test9
-
cpe:2.3:a:openvpn:openvpn:2.1
-
cpe:2.3:a:openvpn:openvpn:2.1.0
-
cpe:2.3:a:openvpn:openvpn:2.1.1
-
cpe:2.3:a:openvpn:openvpn:2.1.2
-
cpe:2.3:a:openvpn:openvpn:2.1.3
-
cpe:2.3:a:openvpn:openvpn:2.1.4
-
cpe:2.3:a:openvpn:openvpn:2.2
-
cpe:2.3:a:openvpn:openvpn:2.2.0
-
cpe:2.3:a:openvpn:openvpn:2.2.1
-
cpe:2.3:a:openvpn:openvpn:2.2.2
-
cpe:2.3:a:openvpn:openvpn:2.3
-
cpe:2.3:a:openvpn:openvpn:2.3.0
-
cpe:2.3:a:openvpn:openvpn:2.3.1
-
cpe:2.3:a:openvpn:openvpn:2.3.2
-
cpe:2.3:a:openvpn:openvpn:2.3.3
-
cpe:2.3:a:openvpn:openvpn:2.3.4
-
cpe:2.3:a:openvpn:openvpn:2.3.5
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.0
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.1
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.10
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.2
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.3
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.5
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.6
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.7
-
cpe:2.3:a:openvpn:openvpn_access_server:2.0.8
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.10
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:mageia:mageia:4.0
-
cpe:2.3:o:opensuse:opensuse:12.3
-
cpe:2.3:o:opensuse:opensuse:13.1
-
cpe:2.3:o:opensuse:opensuse:13.2