漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition
Vulnerability Description
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未经控制的内存分配
Vulnerability Title
SoftEther VPN 安全漏洞
Vulnerability Description
SoftEther VPN是SoftEther开源的一款免费开源、跨平台、多协议的 VPN 软件。用于提供安全、灵活和高效的网络连接,绕过地理限制。 SoftEther VPN 5.2.5188及之前版本存在安全漏洞,该漏洞源于身份验证前处理畸形EAP-TLS数据包不当,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A