OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled
2.6.19-0ubuntu0.24.04.32.6.13-1ubuntu32.6.14-1ubuntu12.6.14-2ubuntu12.6.14-2ubuntu1.12.6.19-0ubuntu0.25.10.12.6.19-0ubuntu0.25.10.22.7.0-1ubuntu1.2Exploitability
AV:NAC:HAT:PPR:LUI:PVulnerable System
VC:NVI:NVA:HSubsequent System
SC:NSI:NSA:NCVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N