Intrusion Prevention

OpenVPN.PCONTROL.DoS

Description

This indicates an attack attempt against a Denial of Service vulnerability in OpenVPN.
The vulnerability is caused by an error when the vulnerable software handles maliciously crafted packets. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system, via a crafted packet.

Affected Products

OpenVPN Project OpenVPN prior to 2.4.2
OpenVPN Project OpenVPN prior to 2.3.15

Impact

Denial of Service: Remote attacker can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

CVE References

CVE-2017-7478