CVE-2014-8104
NONE
Published Dec 3, 201411y ago · Modified Jun 17, 20262w ago
Published Dec 3, 2014 11y ago
Last Modified Jun 17, 2026 2w ago
Description
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-399
Affected Products 142
| Vendor | Product | Version | Range |
|---|---|---|---|
| mageia | mageia | 4.0 | any |
| debian | debian_linux | 7.0 | any |
| debian | debian_linux | 8.0 | any |
| opensuse | opensuse | 12.3 | any |
| opensuse | opensuse | 13.1 | any |
| opensuse | opensuse | 13.2 | any |
| openvpn | openvpn | 2.0.1_rc1 | any |
| openvpn | openvpn | 2.0.1_rc2 | any |
| openvpn | openvpn | 2.0.1_rc3 | any |
| openvpn | openvpn | 2.0.1_rc4 | any |
| openvpn | openvpn | 2.0.1_rc5 | any |
| openvpn | openvpn | 2.0.1_rc6 | any |
| openvpn | openvpn | 2.0.1_rc7 | any |
| openvpn | openvpn | 2.0.2_rc1 | any |
| openvpn | openvpn | 2.0.3_rc1 | any |
| openvpn | openvpn | 2.0.4 | any |
| openvpn | openvpn | 2.0.6_rc1 | any |
| openvpn | openvpn | 2.0.9 | any |
| openvpn | openvpn | 2.0_rc1 | any |
| openvpn | openvpn | 2.0_rc2 | any |
| openvpn | openvpn | 2.0_rc3 | any |
| openvpn | openvpn | 2.0_rc4 | any |
| openvpn | openvpn | 2.0_rc5 | any |
| openvpn | openvpn | 2.0_rc6 | any |
| openvpn | openvpn | 2.0_rc7 | any |
| openvpn | openvpn | 2.0_rc8 | any |
| openvpn | openvpn | 2.0_rc9 | any |
| openvpn | openvpn | 2.0_rc10 | any |
| openvpn | openvpn | 2.0_rc11 | any |
| openvpn | openvpn | 2.0_rc12 | any |
| openvpn | openvpn | 2.0_rc13 | any |
| openvpn | openvpn | 2.0_rc14 | any |
| openvpn | openvpn | 2.0_rc15 | any |
| openvpn | openvpn | 2.0_rc16 | any |
| openvpn | openvpn | 2.0_rc17 | any |
| openvpn | openvpn | 2.0_rc18 | any |
| openvpn | openvpn | 2.0_rc19 | any |
| openvpn | openvpn | 2.0_rc20 | any |
| openvpn | openvpn | 2.0_rc21 | any |
| openvpn | openvpn | 2.0_test1 | any |
| openvpn | openvpn | 2.0_test2 | any |
| openvpn | openvpn | 2.0_test3 | any |
| openvpn | openvpn | 2.0_test4 | any |
| openvpn | openvpn | 2.0_test5 | any |
| openvpn | openvpn | 2.0_test6 | any |
| openvpn | openvpn | 2.0_test7 | any |
| openvpn | openvpn | 2.0_test8 | any |
| openvpn | openvpn | 2.0_test9 | any |
| openvpn | openvpn | 2.0_test10 | any |
| openvpn | openvpn | 2.0_test11 | any |
| openvpn | openvpn | 2.0_test12 | any |
| openvpn | openvpn | 2.0_test14 | any |
| openvpn | openvpn | 2.0_test15 | any |
| openvpn | openvpn | 2.0_test16 | any |
| openvpn | openvpn | 2.0_test17 | any |
| openvpn | openvpn | 2.0_test18 | any |
| openvpn | openvpn | 2.0_test19 | any |
| openvpn | openvpn | 2.0_test20 | any |
| openvpn | openvpn | 2.0_test21 | any |
| openvpn | openvpn | 2.0_test22 | any |
| openvpn | openvpn | 2.0_test23 | any |
| openvpn | openvpn | 2.0_test24 | any |
| openvpn | openvpn | 2.0_test25 | any |
| openvpn | openvpn | 2.0_test26 | any |
| openvpn | openvpn | 2.0_test27 | any |
| openvpn | openvpn | 2.0_test28 | any |
| openvpn | openvpn | 2.0_test29 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1 | any |
| openvpn | openvpn | 2.1.0 | any |
| openvpn | openvpn | 2.1.1 | any |
| openvpn | openvpn | 2.1.2 | any |
| openvpn | openvpn | 2.1.3 | any |
| openvpn | openvpn | 2.1.4 | any |
| openvpn | openvpn | 2.2 | any |
| openvpn | openvpn | 2.2 | any |
| openvpn | openvpn | 2.2 | any |
| openvpn | openvpn | 2.2 | any |
| openvpn | openvpn | 2.2 | any |
| openvpn | openvpn | 2.2.0 | any |
| openvpn | openvpn | 2.2.1 | any |
| openvpn | openvpn | 2.2.2 | any |
| openvpn | openvpn | 2.3 | any |
| openvpn | openvpn | 2.3 | any |
| openvpn | openvpn | 2.3 | any |
| openvpn | openvpn | 2.3 | any |
| openvpn | openvpn | 2.3 | any |
| openvpn | openvpn | 2.3 | any |
| openvpn | openvpn | 2.3.0 | any |
| openvpn | openvpn | 2.3.1 | any |
| openvpn | openvpn | 2.3.2 | any |
| openvpn | openvpn | 2.3.3 | any |
| openvpn | openvpn | 2.3.4 | any |
| openvpn | openvpn | 2.3.5 | any |
| openvpn | openvpn_access_server | 2.0.0 | any |
| openvpn | openvpn_access_server | 2.0.1 | any |
| openvpn | openvpn_access_server | 2.0.2 | any |
| openvpn | openvpn_access_server | 2.0.3 | any |
| openvpn | openvpn_access_server | 2.0.5 | any |
| openvpn | openvpn_access_server | 2.0.6 | any |
| openvpn | openvpn_access_server | 2.0.7 | any |
| openvpn | openvpn_access_server | 2.0.8 | any |
| openvpn | openvpn_access_server | 2.0.10 | any |
| canonical | ubuntu_linux | 12.04 | any |
| canonical | ubuntu_linux | 14.04 | any |
| canonical | ubuntu_linux | 14.10 | any |
References 6
- advisories.mageia.org http://advisories.mageia.org/MGASA-2014-0512.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html
- debian.org http://www.debian.org/security/2014/dsa-3084
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2015:139
- ubuntu.com http://www.ubuntu.com/usn/USN-2430-1
- community.openvpn.net https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.