PublicDate: 2005-08-24 04:00:00 UTC
Candidate: CVE-2005-2531
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2531
Description:
 OpenVPN before 2.0.1, when running with "verb 0" and without TLS
 authentication, does not properly flush the OpenSSL error queue when a
 client fails certificate authentication to the server and causes the error
 to be processed by the wrong client, which allows remote attackers to cause
 a denial of service (client disconnection) via a large number of failed
 authentication attempts.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_openvpn: released (2.0.6-1)
edgy_openvpn: released (2.0.6-1)
feisty_openvpn: released (2.0.6-1)
devel_openvpn: released (2.0.6-1)
upstream_openvpn: needs-triage