---

CVE-2017-7508 - log back

CVE-2017-7508 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Denial of service
Description	+ A remote denial of service has been found in OpenVPN < 2.4.3, allowing a remote client to crash a server by sending a malformed IPv6 packet. The issue requires IPv6 and the --mssfix option to be enabled, and knowledge of the IPv6 networks used inside the VPN.
References	+ https://github.com/OpenVPN/openvpn/commit/c3f47077a7
Notes