CVE-2005-3409 [Medium] | Denial of Service in Openvpn

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-03-30	3.12%	2.51%	-0.60%
2	2025-03-29	2.51%	3.12%	+0.60%
3	2025-03-17	—	2.51%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-03-30

3.12%

2.51%

-0.60%

2025-03-29

2.51%

3.12%

+0.60%

2025-03-17

—

2.51%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.0	2.0	MEDIUM	`AV:N/AC:L/Au:N/C:N/I:N/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:N) No confidentiality impact. Integrity impact (I:N) No integrity impact. Availability impact (A:P) Partial availability impact.	10.0	2.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

5.0

2.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:N): No confidentiality impact.
Integrity impact (I:N): No integrity impact.
Availability impact (A:P): Partial availability impact.

10.0

2.9

[email protected]

OS Trackers for CVE-2005-3409

vendor	priority	summary	link
`debian`	low	CVE-2005-3409 low priority: Debian including 1 source packages (openvpn), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2005-3409
`gentoo`	normal	CVE-2005-3409: 1 GLSA(s) (200511-07), 1 atom(s) (net-misc/openvpn); latest impact normal.	https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2005-3409
`suse`	medium	CVE-2005-3409 severity moderate: SUSE including 11 source package names (openvpn, openvpn-2.5.3-1.2, …), 38 product×package rows across 16 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (16 product lines)): Known Not Affected 30, Fixed 8.	https://www.suse.com/security/cve/CVE-2005-3409/
`ubuntu`	medium	CVE-2005-3409 medium priority: Ubuntu including 1 source packages (openvpn), 4 status rows across 4 suites (dapper, edgy, feisty, upstream): released 3, needs-triage 1.	https://ubuntu.com/security/CVE-2005-3409

Affected software / configurations for CVE-2005-3409

Vendor	Product	Version	Raw CPE
openvpn	openvpn	2.0	cpe:2.3:a:openvpn:openvpn:2.0:::::::*
openvpn	openvpn	2.0.1_rc1	cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:::::::*
openvpn	openvpn	2.0.1_rc2	cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:::::::*
openvpn	openvpn	2.0.1_rc3	cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:::::::*
openvpn	openvpn	2.0.1_rc4	cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:::::::*
openvpn	openvpn	2.0.1_rc5	cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:::::::*
openvpn	openvpn	2.0.1_rc6	cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:::::::*
openvpn	openvpn	2.0.1_rc7	cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:::::::*
openvpn	openvpn	2.0.2_rc1	cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:::::::*
openvpn	openvpn	2.0.3_rc1	cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:::::::*
openvpn	openvpn	2.0_beta1	cpe:2.3:a:openvpn:openvpn:2.0_beta1:::::::*
openvpn	openvpn	2.0_beta2	cpe:2.3:a:openvpn:openvpn:2.0_beta2:::::::*
openvpn	openvpn	2.0_beta3	cpe:2.3:a:openvpn:openvpn:2.0_beta3:::::::*
openvpn	openvpn	2.0_beta4	cpe:2.3:a:openvpn:openvpn:2.0_beta4:::::::*
openvpn	openvpn	2.0_beta5	cpe:2.3:a:openvpn:openvpn:2.0_beta5:::::::*
openvpn	openvpn	2.0_beta6	cpe:2.3:a:openvpn:openvpn:2.0_beta6:::::::*
openvpn	openvpn	2.0_beta7	cpe:2.3:a:openvpn:openvpn:2.0_beta7:::::::*
openvpn	openvpn	2.0_beta8	cpe:2.3:a:openvpn:openvpn:2.0_beta8:::::::*
openvpn	openvpn	2.0_beta9	cpe:2.3:a:openvpn:openvpn:2.0_beta9:::::::*
openvpn	openvpn	2.0_beta10	cpe:2.3:a:openvpn:openvpn:2.0_beta10:::::::*
openvpn	openvpn	2.0_beta11	cpe:2.3:a:openvpn:openvpn:2.0_beta11:::::::*
openvpn	openvpn	2.0_beta12	cpe:2.3:a:openvpn:openvpn:2.0_beta12:::::::*
openvpn	openvpn	2.0_beta13	cpe:2.3:a:openvpn:openvpn:2.0_beta13:::::::*
openvpn	openvpn	2.0_beta15	cpe:2.3:a:openvpn:openvpn:2.0_beta15:::::::*
openvpn	openvpn	2.0_beta16	cpe:2.3:a:openvpn:openvpn:2.0_beta16:::::::*
openvpn	openvpn	2.0_beta17	cpe:2.3:a:openvpn:openvpn:2.0_beta17:::::::*
openvpn	openvpn	2.0_beta18	cpe:2.3:a:openvpn:openvpn:2.0_beta18:::::::*
openvpn	openvpn	2.0_beta19	cpe:2.3:a:openvpn:openvpn:2.0_beta19:::::::*
openvpn	openvpn	2.0_beta20	cpe:2.3:a:openvpn:openvpn:2.0_beta20:::::::*
openvpn	openvpn	2.0_beta28	cpe:2.3:a:openvpn:openvpn:2.0_beta28:::::::*
openvpn	openvpn	2.0_rc1	cpe:2.3:a:openvpn:openvpn:2.0_rc1:::::::*
openvpn	openvpn	2.0_rc2	cpe:2.3:a:openvpn:openvpn:2.0_rc2:::::::*
openvpn	openvpn	2.0_rc3	cpe:2.3:a:openvpn:openvpn:2.0_rc3:::::::*
openvpn	openvpn	2.0_rc4	cpe:2.3:a:openvpn:openvpn:2.0_rc4:::::::*
openvpn	openvpn	2.0_rc5	cpe:2.3:a:openvpn:openvpn:2.0_rc5:::::::*
openvpn	openvpn	2.0_rc6	cpe:2.3:a:openvpn:openvpn:2.0_rc6:::::::*
openvpn	openvpn	2.0_rc7	cpe:2.3:a:openvpn:openvpn:2.0_rc7:::::::*
openvpn	openvpn	2.0_rc8	cpe:2.3:a:openvpn:openvpn:2.0_rc8:::::::*
openvpn	openvpn	2.0_rc9	cpe:2.3:a:openvpn:openvpn:2.0_rc9:::::::*
openvpn	openvpn	2.0_rc10	cpe:2.3:a:openvpn:openvpn:2.0_rc10:::::::*
openvpn	openvpn	2.0_rc11	cpe:2.3:a:openvpn:openvpn:2.0_rc11:::::::*
openvpn	openvpn	2.0_rc12	cpe:2.3:a:openvpn:openvpn:2.0_rc12:::::::*
openvpn	openvpn	2.0_rc13	cpe:2.3:a:openvpn:openvpn:2.0_rc13:::::::*
openvpn	openvpn	2.0_rc14	cpe:2.3:a:openvpn:openvpn:2.0_rc14:::::::*
openvpn	openvpn	2.0_rc15	cpe:2.3:a:openvpn:openvpn:2.0_rc15:::::::*
openvpn	openvpn	2.0_rc16	cpe:2.3:a:openvpn:openvpn:2.0_rc16:::::::*
openvpn	openvpn	2.0_rc17	cpe:2.3:a:openvpn:openvpn:2.0_rc17:::::::*
openvpn	openvpn	2.0_rc18	cpe:2.3:a:openvpn:openvpn:2.0_rc18:::::::*
openvpn	openvpn	2.0_rc19	cpe:2.3:a:openvpn:openvpn:2.0_rc19:::::::*
openvpn	openvpn	2.0_rc20	cpe:2.3:a:openvpn:openvpn:2.0_rc20:::::::*
openvpn	openvpn	2.0_rc21	cpe:2.3:a:openvpn:openvpn:2.0_rc21:::::::*
openvpn	openvpn	2.0_test1	cpe:2.3:a:openvpn:openvpn:2.0_test1:::::::*
openvpn	openvpn	2.0_test2	cpe:2.3:a:openvpn:openvpn:2.0_test2:::::::*
openvpn	openvpn	2.0_test3	cpe:2.3:a:openvpn:openvpn:2.0_test3:::::::*
openvpn	openvpn	2.0_test5	cpe:2.3:a:openvpn:openvpn:2.0_test5:::::::*
openvpn	openvpn	2.0_test6	cpe:2.3:a:openvpn:openvpn:2.0_test6:::::::*
openvpn	openvpn	2.0_test7	cpe:2.3:a:openvpn:openvpn:2.0_test7:::::::*
openvpn	openvpn	2.0_test8	cpe:2.3:a:openvpn:openvpn:2.0_test8:::::::*
openvpn	openvpn	2.0_test9	cpe:2.3:a:openvpn:openvpn:2.0_test9:::::::*
openvpn	openvpn	2.0_test10	cpe:2.3:a:openvpn:openvpn:2.0_test10:::::::*
openvpn	openvpn	2.0_test11	cpe:2.3:a:openvpn:openvpn:2.0_test11:::::::*
openvpn	openvpn	2.0_test12	cpe:2.3:a:openvpn:openvpn:2.0_test12:::::::*
openvpn	openvpn	2.0_test14	cpe:2.3:a:openvpn:openvpn:2.0_test14:::::::*
openvpn	openvpn	2.0_test15	cpe:2.3:a:openvpn:openvpn:2.0_test15:::::::*
openvpn	openvpn	2.0_test16	cpe:2.3:a:openvpn:openvpn:2.0_test16:::::::*
openvpn	openvpn	2.0_test17	cpe:2.3:a:openvpn:openvpn:2.0_test17:::::::*
openvpn	openvpn	2.0_test18	cpe:2.3:a:openvpn:openvpn:2.0_test18:::::::*
openvpn	openvpn	2.0_test19	cpe:2.3:a:openvpn:openvpn:2.0_test19:::::::*
openvpn	openvpn	2.0_test20	cpe:2.3:a:openvpn:openvpn:2.0_test20:::::::*
openvpn	openvpn	2.0_test21	cpe:2.3:a:openvpn:openvpn:2.0_test21:::::::*
openvpn	openvpn	2.0_test22	cpe:2.3:a:openvpn:openvpn:2.0_test22:::::::*
openvpn	openvpn	2.0_test23	cpe:2.3:a:openvpn:openvpn:2.0_test23:::::::*
openvpn	openvpn	2.0_test24	cpe:2.3:a:openvpn:openvpn:2.0_test24:::::::*
openvpn	openvpn	2.0_test26	cpe:2.3:a:openvpn:openvpn:2.0_test26:::::::*
openvpn	openvpn	2.0_test27	cpe:2.3:a:openvpn:openvpn:2.0_test27:::::::*
openvpn	openvpn	2.0_test29	cpe:2.3:a:openvpn:openvpn:2.0_test29:::::::*
openvpn	openvpn_access_server	2.0.1	cpe:2.3:a:openvpn:openvpn_access_server:2.0.1:::::::*
openvpn	openvpn_access_server	2.0.2	cpe:2.3:a:openvpn:openvpn_access_server:2.0.2:::::::*

References for CVE-2005-3409

URL	Tags
http://openvpn.net/changelog.html
http://secunia.com/advisories/17376	Patch Vendor Advisory
http://secunia.com/advisories/17447
http://secunia.com/advisories/17452
http://secunia.com/advisories/17480
http://www.debian.org/security/2005/dsa-885
http://www.gentoo.org/security/en/glsa/glsa-200511-07.xml
http://www.novell.com/linux/security/advisories/2005_25_sr.html
http://www.osvdb.org/20416
http://www.securityfocus.com/archive/1/415487
http://www.securityfocus.com/bid/15270

URL

CVE-2005-3409

Exploit prediction scoring system (EPSS) score for CVE-2005-3409

Common vulnerability scoring system (CVSS) metrics for CVE-2005-3409

Weakness enumeration for CVE-2005-3409

OS Trackers for CVE-2005-3409

Affected software / configurations for CVE-2005-3409

References for CVE-2005-3409