CVE-2020-11462
https://notcve.org/view.php?id=CVE-2020-11462
An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3. With the full featured RPC2 interface enabled, it is possible to achieve a temporary DoS state of the management interface when sending an XML Entity Expansion (XEE) payload to the XMLRPC based RPC2 interface. The duration of the DoS state depends on available memory and CPU speed. The default restricted mode of the RPC2 interface is NOT vulnerable. Se ha descubierto un problema en OpenVPN Access Server versiones anteriores a la versión 2.7.0 y versiones 2.8.x anteriores a la versión 2.8.3. • https://openvpn.net/vpn-server-resources/release-notes/#Release_notes_for_OpenVPN_Access_Server_283 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVE-2020-8953
https://notcve.org/view.php?id=CVE-2020-8953
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). OpenVPN Access Server versiones 2.8.x anteriores a 2.8.1, permite una omisión de autenticación LDAP (excepto cuando un usuario está inscrito en autenticación de dos factores). • https://openvpn.net/security-advisories • CWE-287: Improper Authentication •
CVE-2017-5868 – OpenVPN Access Server 2.1.4 CRLF Injection
https://notcve.org/view.php?id=CVE-2017-5868
CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to __session_start__/. Una vulnerabilidad de inyección CRLF en la interfaz web en OpenVPN Access Server versión 2.1.4, permite a los atacantes remotos inyectar encabezados HTTP arbitrarios y, en consecuencia, conducir ataques de fijación de sesión y posiblemente ataques de división de respuesta HTTP por medio de caracteres "%0A" en la variable PATH_INFO en la función __session_start __ /. OpenVPN Access Server version 2.1.4 suffers from a CRLF injection vulnerability. • http://www.openwall.com/lists/oss-security/2017/05/23/13 http://www.securitytracker.com/id/1038547 https://sysdream.com/news/lab/2017-05-05-cve-2017-5868-openvpn-access-server-crlf-injection-with-session-fixation • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •
CVE-2014-8104
https://notcve.org/view.php?id=CVE-2014-8104
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. OpenVPN 2.x anterior a 2.0.11, 2.1.x, 2.2.x anterior a 2.2.3, y 2.3.x anterior a 2.3.6 permite a usuarios remotos autenticados causar una denegación de servicio (caída del servidor) a través de un paquete de canal de control pequeño. • http://advisories.mageia.org/MGASA-2014-0512.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html http://www.debian.org/security/2014/dsa-3084 http://www.mandriva.com/security/advisories?name=MDVSA-2015:139 http://www.ubuntu.com/usn/USN-2430-1 https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b • CWE-399: Resource Management Errors •
CVE-2014-9104
https://notcve.org/view.php?id=CVE-2014-9104
Multiple cross-site request forgery (CSRF) vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) disconnecting established VPN sessions, (2) connect to arbitrary VPN servers, or (3) create VPN profiles and execute arbitrary commands via crafted API requests. Múltiples vulnerabilidades de CSRF en la API XML-RPC en Desktop Client en OpenVPN Access Server 1.5.6 y anteriores permiten a atacantes remotos secuestrar la autenticación de administradores para solicitudes que (1) desconectan sesiones VPN establecidas, (2) conectan con servidores VPN arbitrarios, o (3) crean perfiles VPN y ejecutan comandos arbitrarios a través de solicitudes de la API manipuladas. • http://openvpn.net/index.php/access-server/security-advisories.html http://seclists.org/fulldisclosure/2014/Jul/76 http://www.securityfocus.com/archive/1/532795/100/0/threaded https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-1_OpenVPN_Access_Server_Desktop_Client_Remote_Code_Execution_via_CSRF_v10.txt https://www.youtube.com/watch?v=qhgysgfvQh8 • CWE-352: Cross-Site Request Forgery (CSRF) •