The remote host is missing an update to openvpn announced via advisory DSA 851-1. Several security related problems have been discovered in openvpn, a Virtual Private Network daemon. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2531 Wrong processing of failed certificate authentication when running with verb 0 and without TLS authentication can lead to a denial of service by disconnecting the wrong client. CVE-2005-2532 Wrong handling of packets that can't be decrypted on the server can lead to the disconnection of unrelated clients. CVE-2005-2533 When running in dev tap Ethernet bridging mode, openvpn can exhaust its memory by receiving a large number of spoofed MAC addresses and hence denying service. CVE-2005-2534 Simultaneous TCP connections from multiple clients with the same client certificate can cause a denial of service when --duplicate-cn is not enabled. The old stable distribution (woody) does not contain openvpn packages.

For the stable distribution (sarge) these problems have been fixed in version 2.0-1sarge1. For the unstable distribution (sid) these problems have been fixed in version 2.0.2-1. We recommend that you upgrade your openvpn package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20851-1