CVE-2005-2532

Publication date 24 August 2005

Last updated 24 July 2024

Ubuntu priority

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
openvpn	7.04 feisty	Fixed 2.0.6-1
	6.10 edgy	Fixed 2.0.6-1
	6.06 LTS dapper	Fixed 2.0.6-1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2005-2532