OpenVPN Patches Remotely Exploitable Vulnerabilities

The most important of the four issues is a Remotely-triggerable ASSERT() on malformed IPv6 packet bug that can be exploited to remotely shutdown an OpenVPN server or client. Tracked as CVE-2017-7508, the bug can be triggered if IPv6 and –mssfix are enabled and only if the IPv6 networks used inside the VPN are known.

Read full news article on SecurityWeek

 


Date:

Categorie(s):