OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.Referenceshttps://www.exploit-db.com/exploits/41993/https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAuditshttp://www.securitytracker.com/id/1038473http://www.securityfocus.com/bid/98444
