Vulnerability Name:

CVE-2005-2533 (CCN-21928)

Assigned:2005-08-19
Published:2005-08-19
Updated:2008-09-05
Summary:OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2005-2533

Source: CCN
Type: OpenVPN Change Log Web page
OpenVPN Change Log

Source: CONFIRM
Type: UNKNOWN
http://openvpn.net/changelog.html

Source: CCN
Type: OpenVPN Download Web page
OpenVPN 2.0.1 -- released on 2005.08.16

Source: CCN
Type: SA16463
OpenVPN Multiple DoS Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
16463

Source: SECUNIA
Type: UNKNOWN
17103

Source: CCN
Type: SourceForge.net
Project: OpenVPN: Summary

Source: DEBIAN
Type: UNKNOWN
DSA-851

Source: DEBIAN
Type: DSA-851
openvpn -- programming errors

Source: MANDRIVA
Type: Patch, Vendor Advisory
MDKSA-2005:145

Source: CCN
Type: OSVDB ID: 18884
OpenVPN Client Spoofed MAC Address Saturation DoS

Source: XF
Type: UNKNOWN
openvpn-devtap-dos(21928)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openvpn:openvpn:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta1:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta2:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta3:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta4:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta5:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta6:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta7:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta8:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta9:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta10:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta11:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta12:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta13:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta15:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta16:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta17:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta18:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta19:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta20:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_beta28:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc4:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc5:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc6:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc7:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc8:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc9:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc10:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc11:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc12:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc13:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc14:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc15:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc16:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc17:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc18:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc19:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc20:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_rc21:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test1:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test2:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test3:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test5:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test6:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test7:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test8:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test9:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test10:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test11:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test12:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test14:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test15:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test16:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test17:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test18:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test19:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test20:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test21:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test22:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test23:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test24:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test26:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test27:*:*:*:*:*:*:*
  • OR cpe:/a:openvpn:openvpn:2.0_test29:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052533
    V
    CVE-2005-2533
    2015-11-16
    oval:org.debian:def:851
    V
    programming errors
    2005-10-09
    BACK
    openvpn openvpn 2.0
    openvpn openvpn 2.0.1_rc1
    openvpn openvpn 2.0.1_rc2
    openvpn openvpn 2.0.1_rc3
    openvpn openvpn 2.0.1_rc4
    openvpn openvpn 2.0.1_rc5
    openvpn openvpn 2.0.1_rc6
    openvpn openvpn 2.0.1_rc7
    openvpn openvpn 2.0_beta1
    openvpn openvpn 2.0_beta2
    openvpn openvpn 2.0_beta3
    openvpn openvpn 2.0_beta4
    openvpn openvpn 2.0_beta5
    openvpn openvpn 2.0_beta6
    openvpn openvpn 2.0_beta7
    openvpn openvpn 2.0_beta8
    openvpn openvpn 2.0_beta9
    openvpn openvpn 2.0_beta10
    openvpn openvpn 2.0_beta11
    openvpn openvpn 2.0_beta12
    openvpn openvpn 2.0_beta13
    openvpn openvpn 2.0_beta15
    openvpn openvpn 2.0_beta16
    openvpn openvpn 2.0_beta17
    openvpn openvpn 2.0_beta18
    openvpn openvpn 2.0_beta19
    openvpn openvpn 2.0_beta20
    openvpn openvpn 2.0_beta28
    openvpn openvpn 2.0_rc1
    openvpn openvpn 2.0_rc2
    openvpn openvpn 2.0_rc3
    openvpn openvpn 2.0_rc4
    openvpn openvpn 2.0_rc5
    openvpn openvpn 2.0_rc6
    openvpn openvpn 2.0_rc7
    openvpn openvpn 2.0_rc8
    openvpn openvpn 2.0_rc9
    openvpn openvpn 2.0_rc10
    openvpn openvpn 2.0_rc11
    openvpn openvpn 2.0_rc12
    openvpn openvpn 2.0_rc13
    openvpn openvpn 2.0_rc14
    openvpn openvpn 2.0_rc15
    openvpn openvpn 2.0_rc16
    openvpn openvpn 2.0_rc17
    openvpn openvpn 2.0_rc18
    openvpn openvpn 2.0_rc19
    openvpn openvpn 2.0_rc20
    openvpn openvpn 2.0_rc21
    openvpn openvpn 2.0_test1
    openvpn openvpn 2.0_test2
    openvpn openvpn 2.0_test3
    openvpn openvpn 2.0_test5
    openvpn openvpn 2.0_test6
    openvpn openvpn 2.0_test7
    openvpn openvpn 2.0_test8
    openvpn openvpn 2.0_test9
    openvpn openvpn 2.0_test10
    openvpn openvpn 2.0_test11
    openvpn openvpn 2.0_test12
    openvpn openvpn 2.0_test14
    openvpn openvpn 2.0_test15
    openvpn openvpn 2.0_test16
    openvpn openvpn 2.0_test17
    openvpn openvpn 2.0_test18
    openvpn openvpn 2.0_test19
    openvpn openvpn 2.0_test20
    openvpn openvpn 2.0_test21
    openvpn openvpn 2.0_test22
    openvpn openvpn 2.0_test23
    openvpn openvpn 2.0_test24
    openvpn openvpn 2.0_test26
    openvpn openvpn 2.0_test27
    openvpn openvpn 2.0_test29