Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: OpenVPN Fixed OpenSSL Session Renegotiation Issue - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
OpenVPN Fixed OpenSSL Session Renegotiation Issue

OpenVPN released an update to respond to the OpenSSL vulnerability described in CVE-2009-3555. OpenVPN has identified a vulnerability caused by an error in OpenSSL which could be exploited by attackers to manipulate certain data and information.

OpenVPN recommend upgrading to version 2.1_rc21 which is available here.

Additional information regarding OpenVPN session renegotiation is available here.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Guy

418 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!