AnsweredAssumed Answered

OpenVPN False Positive?

Question asked by mmacheret on Sep 25, 2013
Latest reply on Oct 17, 2013 by Cory Gwinn

From an authenticated scan:

 

QID 38485 - OpenVPN Client Remote Format String Vulnerability and QID 38487 - OpenVPN Server Remote Denial of Service Vulnerability

 

These are associated with versions prior to OpenVPN 2.0.4, which the Solution recommnds. However, the results text identifies the current version of OpenVPN is 2.0.9.

 

So has the vulnerabilities been re-opened in subsequent version and you recommend a back-rev? Or is this a F-P?

Outcomes