CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7522 – Slackware Security Advisory - openvpn Updates
https://notcve.org/view.php?id=CVE-2017-7522
22 Jun 2017 — OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. Las versiones de OpenVPN anteriores a 2.4.3 y 2.3.17, son vulnerables a una denegación de servicio por parte de un atacante remoto autenticado mediante el envío de un certificado con un carácter NULL insertado. New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. • http://www.securityfocus.com/bid/99230 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7520 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7520
22 Jun 2017 — OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. Las versiones anteriores a 2.4.3 y anterior a 2.3.17 de OpenVPN, son vulnerables a la denegación de servicio y/o posiblemente a la pérdida de memoria confidencial activada por un atacante de tipo man-in-the-middle. Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker c... • http://www.debian.org/security/2017/dsa-3900 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-7479 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7479
11 May 2017 — OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. OpenVPN versiones anteriores a 2.3.15 y anteriores a 2.4.2, son vulnerables a una aserción alcanzable cuando el contador del identificador de paquete se devuelve como resultado de una denegación de servicio del servidor por parte de un atacante autenticado. Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit ... • http://www.debian.org/security/2017/dsa-3900 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 15%CPEs: 10EXPL: 2CVE-2017-7478 – OpenVPN 2.4.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2017-7478
11 May 2017 — OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2. OpenVPN versión 2.3.12 y más recientes, son vulnerables a la Denegación de Servicio no autenticada del servidor por medio de un paquete de control grande recibido. Tenga en cuenta que este problema se corrige en versiones 2.3.15 y 2.4.2. It was discovered that OpenVPN improperly triggered an assert when receiving an oversized cont... • https://packetstorm.news/files/id/142489 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6329 – Micro Focus Security Bulletin MFSBGN03794 2
https://notcve.org/view.php?id=CVE-2016-6329
01 Nov 2016 — OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack. OpenVPN, cuando utiliza un cifrado de bloques de 64 bits, facilita a atacantes remotos obtener datos de texto plano a través de un ataque birthday contra una sesión encriptada de larga duración, como lo demuestra una sesión HTTP-over-OpenVPN ... • http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •
CVSS: 6.8EPSS: 1%CPEs: 142EXPL: 0CVE-2014-8104 – Mandriva Linux Security Advisory 2014-246
https://notcve.org/view.php?id=CVE-2014-8104
02 Dec 2014 — OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. OpenVPN 2.x anterior a 2.0.11, 2.1.x, 2.2.x anterior a 2.2.3, y 2.3.x anterior a 2.3.6 permite a usuarios remotos autenticados causar una denegación de servicio (caída del servidor) a través de un paquete de canal de control pequeño. Dragana Damjanovic discovered that OpenVPN incorrectly handled certain control channel ... • http://advisories.mageia.org/MGASA-2014-0512.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2014-5455 – OpenVPN Private Tunnel Core Service - Unquoted Service Path Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-5455
25 Aug 2014 — Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder. Vulnerabilidad de la ruta de búsqueda de Windows sin entrecomillar en el servicio ptservice anterior a la versión 3.0 de PrivateTunnel (Windows) y a la versión 3.1 de OpenVPN Connect (Windows) permite a los usuarios locales obtener privilegios a través de un ... • https://www.exploit-db.com/exploits/34037 • CWE-428: Unquoted Search Path or Element •
CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 1CVE-2013-2061 – Mandriva Linux Security Advisory 2013-167
https://notcve.org/view.php?id=CVE-2013-2061
28 May 2013 — The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher. La función openvpn_decrypt en el archivo crypto.c en OpenVPN versiones 2.3.0 y anteriores, cuando se ejecuta en modo UDP, permite a los atacantes remotos obtener información confidencial por medio de un ataque de s... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2008-3459
https://notcve.org/view.php?id=CVE-2008-3459
04 Aug 2008 — Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters. Una vulnerabilidad no especificada en OpenVPN versiones 2.1-beta14 hasta 2.1-rc8, cuando se ejecuta en sistemas que no son Windows, permite a los servidores remotos ejecutar comandos arbitrarios por medio de la configuración de directivas diseñadas (1... • http://openvpn.net/index.php/documentation/change-log/changelog-21.html • CWE-16: Configuration •
CVSS: 9.1EPSS: 1%CPEs: 85EXPL: 0CVE-2006-2229
https://notcve.org/view.php?id=CVE-2006-2229
05 May 2006 — OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. • http://openvpn.net/man.html •