CVE-2014-8104

EPSS 2.0%

openvpn - security update

Published: 12/3/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2014-8104

Description

OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.

Affected packages (3)

Debian/openvpnfrom 0, < 2.3.4-5
Debian/openvpnfrom 0, < 2.1.3-2+squeeze3
Debian/openvpnfrom 0, < 2.2.1-8+deb7u3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-8104