Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: OpenVPN
Published: 2023-11-11T00:05:13.487Z
Updated: 2024-08-02T20:53:21.915Z
Reserved: 2023-10-27T13:38:49.496Z
Link: CVE-2023-46849
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-11T01:15:07.270
Modified: 2023-11-29T03:15:42.383
Link: CVE-2023-46849
Redhat
No data.