openvpn.git - Copy of the official OpenVPN git repo

diff options

author	Steffan Karger <steffan.karger@fox-it.com>	2014-11-20 13:43:05 +0100
committer	Gert Doering <gert@greenie.muc.de>	2014-11-28 20:28:53 +0100
commit	c5590a6821e37f3b29735f55eb0c2b9c0924138c (patch)
tree	d8750d54bdcd1af8dc8f18bac6e0cb8b3caa75ea /src/compat
parent	65eedc353349d2967fc03c54da807727e416e1b0 (diff)
download	openvpn-c5590a6821e37f3b29735f55eb0c2b9c0924138c.tar.gz openvpn-c5590a6821e37f3b29735f55eb0c2b9c0924138c.tar.xz openvpn-c5590a6821e37f3b29735f55eb0c2b9c0924138c.zip

Drop too-short control channel packets instead of asserting out.

This fixes a denial-of-service vulnerability where an authenticated client could stop the server by triggering a server-side ASSERT(). OpenVPN would previously ASSERT() that control channel packets have a payload of at least 4 bytes. An authenticated client could trigger this assert by sending a too-short control channel packet to the server. Thanks to Dragana Damjanovic for reporting the issue. This bug has been assigned CVE-2014-8104. Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1CED409804E2164C8104F9E623B08B9018803B0FE7@FOXDFT02.FOX.local> Signed-off-by: Gert Doering <gert@greenie.muc.de>

Diffstat (limited to 'src/compat')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: