CVE-2023-46849
11.11.2023, 01:15
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.Enginsight
| Vendor | Product | Version |
|---|---|---|
| openvpn | openvpn | 2.6.0 ≤ 𝑥 ≤ 2.6.6 |
| openvpn | openvpn_access_server | 2.11.0 ≤ 𝑥 ≤ 2.11.3 |
| openvpn | openvpn_access_server | 2.12.0 |
| openvpn | openvpn_access_server | 2.12.1 |
| debian | debian_linux | 12.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References